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DESCRIPTION 

PACKET TRANSMITTER APPARATUS 

Technical Field 

5 [0001] The present invention relates to a packet transmitter 
apparatus which generates IP packets of an encrypted audio and 
video (AV) stream and transmits the packetized stream using an 
Ethernet (registered trademark, a wired LAN) such as IEEE 802. 3 or 
a wireless LAN such as IEEE 802. 11. 

10 

Background Art 

[0002] With recent development of communication techniques, 
various techniques for transmitting packets efficiently have been 
provided (for example, refer to Patent Reference 1). As one of 

15 these, a Moving Picture Experts Group Transport Stream (MPEG-TS) 
signal defined in the IEC 61883-4 has been conventionally 
transmitted by connecting a digital broadcasting tuner with a DVHS 
system video recorder in a room in a general home, using an IEEE 
1394 method digital interface. Here, in the case where broadcast 

20 contents have been subjected to content protection such as Copy 
One Generation, the contents are encrypted and transmitted in 
order to protect the contents from unauthorized copying. As an 
example of a scheme for encrypting AV data such as an MPEG-TS 
obtained by receiving and selecting digital broadcast in this way and 

25 transmitting the AV data, the Digital Transmission Content 
Protection (DTCP) is defined. DTCP is a content protection 
technique used on a transmission medium such as the IEEE 1394 
and a USB. The DTCP method has defined by Digital Transmission 
Licencing Administrator (DTLA), and described in the following: 

30 hyperlink "http://www . dtcp . com" "http://www . dtcp . com"; 
hyperlink "http://www. dtcp. com/data/dtcp#tut. pdf" "http://www. 
dtcp. com/data/dtcp # tut . pdf"; hyperlink "http : //www . dtcp. 
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com/data/wp#spec. pdf" "http://www. cltcp. com/data/wp#spec. 
pdf"; and book w IEEE 1394, AV Kiki e no Ouyo (Appkication to IEEE 
1394, and apparatuses)", edited by Shinji Takada, THE NIKKAN 
KOGYO SHIMBUN, LTD., Chapter 8, Copy Protection, pp. 133 to 149. 
5 [0003] An MPEG-TS will be described. A transport stream is 
composed of transport packets (TS packets). A TS packet is a 
fixed-length packet of 188 bytes. The length is determined 
considering consistency with an ATM cell length and applicability in 
the case of performing error correction coding of a Reed-Solomon 

10 code or the like. A TS packet is composed of packet header having 
a fixed length of 4 bytes, and an adaptation field and a payload each 
having a variable length. In the packet header, a packet identifier 
(PID) and various types of flags are defined. According to this PID, 
the type of TS packet is identified. There may exist both adaptation 

15 field and payload or only one of them. The presence can be 

identified by a flag (adaptation field control) in the packet header. 

An Adaptation_field has a function of transmitting information such 
as Program_Clock_Reference (PCR) and a function of stuffing within 
a TS packet in order to generate a TS packet with a fixed length of 

20 188 bytes. Also, PCR is a timestamp of 27 MHz. The value of the 
PCR is referred to in order to reproduce a reference time at the time 
of coding in the System Time Clock (STC) of a decoding apparatus. 
In a TS of MPEG-2, the STC of the decoding apparatus has a PLL 
synchronous function by the PCR. In order to stabilize this PLL 

25 synchronous function, the transmission interval of the PCR is 0. 1 ms 
at most. An MPEG-PES packet in which individual video streams, 
audio streams and the like are segmented into payloads of TS 
packets each of which has an identical PID number, and the TS 
packets are transmitted. In addition, such PES packet is configured 

30 to start with a starting position of a TS packet. Since a transport 
stream can transmit plural programs, table information is used. 
The table information indicates relationship between each program 
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included in the stream and the program components such as video 
and audio streams which constitute the program. This table 
information is called Program Specific Information (PSI), and a 
Program Association Table (PAT) and a Program Map Table (PMT) are 
5 used. PSI such as a PAT and a PMT are positioned in the payload of 
a TS packet on a so-called section basis, and transmitted. The PIDs 
of PMTs corresponding to program numbers are specified in the PAT, 
and video, audio and additional data included in the corresponding 
program and the PIDs of the PCRs are described in the PMT. 

10 Therefore, with reference to the PAT and PMT, it is possible to extract 
only the TS packet which constitutes a desired program from among 
the streams. As a Reference Document concerning TS, there is, for 
example, "Gazo & Onsei Asshuku Gijutsu no Subete 
(Intanetto/dejitaru terebi, mobairu tsushin jidai no hissu gijutsu) 

15 (The Everything of Video and Audio Compression Technology (The 
Essential Techonology in the Internet / a Digital Television and 
Mobile Communication Era)", CQ Publishing, TECH I, Vo. 4, edited by 
Hiroshi Fujiwara, Chapter 6, "Gazo ya Onsei wo Tajuka suru MPEG 
Shisutemu (The MPEG System of Multiplexing Video and Audio)", 

20 and the book explains TS. 

[0004] As for logical hierarchical structures concerning a PSI and 
an SI, a processing procedure example, and a station-selection 
processing example, they are explained in "Dejital Hoso Jushinki ni 
okeru Senkyoku Gijutsu (A Channel Selection Techniqhe by a Digital 

25 Broadcast Receiver)", Miyake et. al., SANYO TECHNICAL REVIEW, Vol. 
36, June, 2004, No. 74, pp. 31 to 44. 

[0005] In addition, as for an access control scheme used in 
digital broadcasting, the ARIB standard and the ARIB STD-B25 
define scrambling, specifications of related information and 
30 specifications of receivers concerning them, ARIB technical 
documents, the ARIB TR-B14, and the ARIB TR-B15 define the 
operation. 
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[0006] FIG. 1A is an example of transmission in the IEEE 1394 of 
an MPEG-TS using the DTCP method. In the DTCP method, the 
transmitter side (packet transmitter apparatus) is called source 
1801, and the receiver side (packet receiver apparatus) is called 
5 sink 1802. Encrypted contents such as an MPEG-TS are transmitted 
from a source 1801 to a sink 1802 through a network 1803. As 
supplemental information, an example of a source apparatus and a 
sink apparatus will also be described in FIG. IB. 
[0007] FIG. 2 is a diagram illustrating the outline of a 

10 conventional packet communication unit in the DTCP method. Here, 
both of the packet transmitter unit provided with the source 1801 
and the packet receiver unit provided with the sink 1802 in FIG. 1 
are shown as packet transmitter and receiver units. First, 
authentication and key exchange (abbreviated as AKE) according to 

15 the DTCP method are performed. In an AKE unit 1901, the setting 
information of the authentication and key exchange is inputted. 
This information is transmitted to a packet generation unit 1902. 
The packet generation unit 1902 generates packets each having a 
prescribed header, and the packets are outputted to a network 1907. 

20 Here, the packet generation unit 1902 generates packets of inputted 
data using transmitting parameters determined by a transmitting 
condition setting unit 1903, and transmits the packets. In the 
receiver side, a packet receiver unit 1904 filters signals to be 
inputted through the network 1907 by identifying packet headers, 

25 and the obatined signals are inputted in the AKE unit 1901. In this 
way, the AKE unit of the transmitter side (source) and the AKE unit 
of the receiver side (sink) can perform message communication with 
each other through the networks 1803 and 1907. In other words, 
according to the DTCP method, authentication and key exchange are 

30 executed. 

[0008] Once the authentication and key exchange are 

established between the transmitter side (source) and the receiver 
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side (sink), AV data is transmitted next. In the source, an MPEG-TS 

signal is inputted into an encryption unit 1905, and encrypts the 

MPEG-TS signal. Subsequently, this encrypted MPEG-TS signal is 

inputted into the packet generation unit 1902, and outputted to the 

5 network 1907. In the sink, the packet receiver unit 1904 filters 

signals to be inputted through the network 1907 by identifying 

packets based on packet headers, and the obtained signals are 

inputted into the decryption unit 1906, and the decrypted MPEG-TS 

signal are outputted. 
10 [0009] Next, a supplemental description of the above procedure 

will be provided next with reference to FIG. 3. In FIG. 3, the source 
and the sink are connected through the IEEE 1394. First, a content 
transmission request is made in the source side. Subsequently, 
encrypted contents and content protection mode information are 

15 transmitted from the source to the sink. The sink analyzes the copy 
protection information of the contents, determines the 
authentication method among a full authentication and a restricted 
authentication, and transmits the authentication request to the 
source. The source and the sink share an authentication key 

20 according to the processing prescribed in the DTCP. Subsequently, 
the source encrypts an exchange key using the authentication key, 
and transmits the encrypted exchange key to the sink. The sink 
decrypts the exchange key. The source generates seed information 
which changes as time passes in order to change the encryption key 

25 temporally, and transmits it to the sink. The source generates an 
encryption key, based on the exchange key and the seed information. 
The source causes the encryption unit to encrypt the MPEG-TS using 
this encryption key and transmits it to the sink. The sink receives 
the seed information, and restores a decryption key, based on the 

30 exchange key and the seed information. The sink decrypts the 
encrypted MPEG-TS signal, based on this decryption key. 
[0010] FIG. 4 is an example of an IEEE 1394 isochronous packet 
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in the case of transmitting an MPEG-TS signal in FIG. 1. Each of 
these packets is composed of a header of 4 bytes (32 bits), a header 
CRC of 4 bytes (32 bits), a data field of 224 bytes, and a trailer of 4 
bytes (32 bits). Among the CIP header and TS signal which 
5 constitute the data field of 224 bytes, only the TS signal is encrypted 
before being transmitted. Here, the information which is unique to 
the DTCP method is a 2-bit Encryption Mode Indicator (EMI) which is 
copy protection information and an Odd/Even (O/E) which is the LSB 
of the seed information. Since they exist in the header of the above 

10 32 bits, they are transmitted without being encrypted. 

[0011] However, in the above conventional technique, there are 
following problems. The conventional DTCP method is intended for 
transmitting an MPEG-TS signal using isochronous packet in real 
- time in the IEEE 1394. However, it has a big problem that it cannot 

is transmit the MPEG-TS signal through the networks such as the 
Ethernet (registered trademark) (IEEE 802.3), the wireless LAN 
(IEEE 802.11), and other networks which are available for 
transmission of IP packets, using the Internet Protocol (IP) which is 
the standard protocol of the Internet. 

20 [0012] In other words, it has a big problem that it cannot 
transmit contents subjected to digital copyright protection such as 
ground/BS digital broadcasting and server broadcasting between 
the packet transmitter apparatus and the packet receiver apparatus 
which are logically connected through IP, while protecting the 

25 copyright of the contents. 

[0013] In addition, in the case of using the HyperText Transfer 
Protocol (HTTP) in live-broadcast transmission, a receiver side 
needs to calculate a header length to be added in the encryption and 
the transmission content length, each time an HTTP request is made. 

30 Therefore, it has a problem that the processing load in a receiver 
side is heavy. 

[0014] Further, it has a problem that it has difficulty in 
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performing trick playback of contents stored in a hard disc or the like 
in a simple manner. Such trick playback includes fast forwarding, 
rewinding and slow playback. 

[0015] Further, it has a problem that it has difficulty in 

5 performing trick playback of contents which have different storage 
formats and are stored in a hard disc, an optical disc or the like using 
a common scheme in a simple manner. Such trick playback 
includes fast forwarding, rewinding and slow playback. As an 
example of local operations (at an apparatus body) not operations 

10 via a network, as to trick playback in an apparatus body of Blu-ray 
disc scheme, the following explains the EP_map data structure for 
trick playback: "Logical Specifications and Content Protection 
System of Bru-ray Disk Rewritable Format (2)" in the Matsushita 
Technical Journal, October, 2004, pp. 34 to 38. 

15 [0016] In particular, in a home, a digital television or a home 
server or the like needs to distribute contents which are subjected to 
digital copyright protection and obtained through broadcasting or 
the like to various types of apparatuses which are set in the home. 
Accordingly, it is necessary in the home to distribute contents 

20 according to the DTCP method in a form of wide-spread IP packets in 
order to enable content transfer between apparatuses of various 
manufacturers, while protecting the copyrights of the contents. In 
other words, there is a need to realize the Digital Transmission 
Contents Protection over IP (DTCP-IP). 

25 (Patent Reference 1) Japanese Laid-Open Patent Application 

No. 2000-59463. 

Disclosure of Invention 

Problems that Invention is to Solve 

30 [0017] An object of the present invention is to provide a packet 
transmitter apparatus which is capable of transmitting contents 
protected by a content protection technique such as DTCP using 
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HTTP and RTP in a form of wide-spread packets such as IP packets . 
Means to Solve the Problems 

[0018] In order to achieve the above object, the packet 
5 transmitter apparatus of the present invention is intended for 
transmitting packet data to a packet receiver apparatus. The 
packet transmitter apparatus includes: an audio and video (AV) data 
information obtainment unit which obtains AV data information 
including input terminal information indicating a terminal to which 

10 AV data is inputted, data format information indicating the data 
format of the AV data, and attribute information indicating the 
attribute of the AV data; a data input unit which receives the AV 
data and non-AV data; a transmitting condition setting management 
unit which extracts at least one of charge information, playback 

15 control information and copy control information of the AV data, 
from the non-AV data or the AV data, and generates, based on the 
extracted information, encryption mode information indicating an 
encryption mode which serves as a condition at the time when the 
AV data is transmitted; an encrypted data generation unit which 

20 generates encrypted data by encrypting, based on transmitting 
conditions determined as a combination of the input terminal 
information, the data format information and the attribute 
information, the AV data received by the data input unit, and adding 
encryption information headers based on the encryption mode 

25 information to the encrypted AV data; a packet generation unit 
which generates packets by adding packet headers to the encrypted 
data generated by the encrypted data generation unit; an 
authentication unit which performs authentication processing with 
the packet receiver apparatus; a transmission protocol 

30 determination unit which determines a transmission protocol of the 
AV data between the packet transmitter apparatus and the packet 
receiver apparatus, using at least one of the input terminal 
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information, the attribute information and information indicating a 
transmission mode specified by the packet receiver apparatus; and 
a transmission unit which transmits the packets including the 
encrypted data generated by the packet generation unit to the 
5 packet receiver apparatus according to the transmission protocol 
determined by the transmission protocol determination unit, after 
the authentication processing with the packet receiver apparatus is 
completed, 

[0019] More specifically, according to a first invention, a packet 

10 transmitter and receiver unit which includes: a data input unit which 
inputs AV data and non-AV data respectively; an encrypted data 
generation unit which inputs outputs of the data input unit and 
"executes encryption or addition of an encryption information 
header" according to prescribed receiving conditions; and a packet 

15 header addition unit. The encrypted data generation unit includes 
an authentication unit, an encryption unit and an encrypted 
information header addition unit, and includes a control unit which 
controls the encryption unit to or not to execute encryption 
according to the prescribed transmitting and receiving conditions 

20 and controls the encryption information header addition unit to or 
not to perform addition of encryption information headers. In this 
way, an encryption mode is determined according to transmitting 
conditions by a predetermined rule provided from outside an AV 
stream such as an MPEG-TS signal, and further addition of 

25 encryption information header is determined. This makes it 
possible to maintain confidentiality of an AV stream, securing 
compatibility of signals between packet transmitter and receiver 
apparatuses and using HTTP and RTP. 

[0020] According to a second invention, the mode for executing 
30 authentication is determined based on control information inputted 
from outside in the authentication unit in the first invention. For 
example, it provides a Uniform Resource Identifier (URI) specifying 



-9- 



■■ .» 

V 



an access position of each contents, as control information to be 
inputted from outside, and determines an authentication mode 
according to the URI format. For example, in the case where the 
URI is extended by a Query, authentication is needed. The Query 
5 information makes it possible to provide a Transmission Control 
Protocol (TCP) port number for authentication. In this way, it 
becomes possible to determine the authentication execution mode, 
based on the control information to be inputted from outside. 
[0021] A third invention is characterized by following a copy 

10 control information (CCI) of the AV stream as the prescribed 
transmitting conditions to be provided from outside in the encrypted 
data generation unit in the first invention, and it determines an 
encryption mode and addition of encryption information headers. 
In this way, it determines an encryption mode of the AV stream such 

15 as an MPEG-TS signal according to the copy control information, 
adds encryption information headers. Subsequently, it generates 
packets of the AV stream and then transmits the packets, 
succeeding the copy control mode which has been set by the 
copyright owner of the AV contents. In other words, since the 

20 processing by a prescribed rule is performed, it becomes possible to 
secure compatibility of signals between packet transmitter and 
receiver apparatuses protecting the copyright of the AV contents. 
[0022] A fourth invention inputs the AV data and non-AV data in 
the first invention into data buffers respectively, and output them to 

25 the packet header addition unit by performing output priority control 
of these two buffers. For example, it preferentially outputs the AV 
data from the data buffer while controlling the buffer of the non-AV 
data in order not to overflow. In this way, it becomes possible to 
preferentially transmit data with high importance among the AV 

30 data and the non-AV data. 

[0023] A fifth invention adds a timestamp to each data block 
which constitutes AV data in the first invention, and maps integrated 



- 10- 



one or more data blocks with timestamps onto the payload part of a 
Real-time Transport Protocol (RTP) packet or the payload part of an 
HTTP packet. For example, in the case of MPEG-TS AV data, it adds 
a timestamp to each TS packet, and maps integrated TS packets 
5 with timestamps onto an RTP packet or an HTTP packtet. For 
example, it is possible to use an MPEG system clock frequency as the 
clock of timestamps to be added to the respective TS packets. By 
the timestamps added to the TS packets, it becomes possible to 
remove transmission jitters added to a Program Clock Reference 

10 (PCR) when an MPEG-TS is transmitted through a network and 
enable a receiver side to restore the MPEG system clock. 
[0024] A sixth invention, according to the first invention, relates 
to generating packets of AV data by means that the receiver side 
perfoms switching control of RTP and HTTP. For example, it 

is generates AV data packets using RTP which provides small delays in 
the case where AV data output of the receiver side is outputted to 
the display of the receiver side, or using HTTP which reduces the 
number of packet losses in the case where AV data output is stored 
in a storage medium. In this way, in the case where the receiver 

20 side outputs the AV data to the display by performing switching 
control, it becomes possible to transmit AV contents at a low delay 
rate and to transmit AV contents which become high quality through 
compensation of a signal loss due to a packet loss. 
[0025] A seventh invention includes a data input unit which 

25 respectively inputs AV data and non-AV data subjected to digital 
copyright protection such as Right Management & Protection (RMP) 
including charge processing, and a unit which is capable of inputting 
outpus of the data input unit and selecting an encryption 
transmission mode according to a digital copyright rule to be 

30 inputted. In other words, a packet transmitter and receiver unit 
which includes an encrypted data generation unit which executes 
encryption and a packet header addition unit which executes 
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addition of encryption information headers. The encrypted data 
generation unit includes an authentication unit, an encryption unit 
and an encryption information header addition unit. Additionally, it 
includes a control unit which controls the encryption unit to or not to 
5 execute encryption based on the prescribed transmitting and 
receiving conditions and controls the encryption information header 
addition unit to or not to execute addition of encryption information 
headers. 

[0026] In this way, it determines an encryption mode of an AV 
10 stream such as an MPEG-TS signal, which is subjected to digital 
copyright protection such as RMP information including charge 
processing, according to transmitting conditions by a predetermined 
rule provided from ouside and further determines addition of 
encryption information headers. This makes it possible to maintain 
15 confidentiality of an AV stream securing compatibility of a signal 
between packet transmitter and receiver apparatuses 
[0027] An eighth invention can reduce the processing load of the 
receiver side by transmitting contents which are being 
live-broadcast using the HTTP chunk transmission scheme. With 
20 the chunk transmission scheme, it becomes unnecessary that the 
receiver side (client) calculates header lengths and transmission 
content lengths to be added concerning the encryption each time an 
HTTP request is made. 

[0028] A ninth invention, according to the seventh invention, 
25 can realize trick playback such as fast forwarding, rewinding and 
slow playback by transmitting contents stored in a hard disc and the 
like using a range request of HTTP in a simple manner. 
[0029] Further, a tenth invention, according to the ninth 

invention, can realize high-quality trick playback such as slow 
30 playback, fast forwarding and rewinding by generating frame 
position information of I, P and B pictures as common formats 
according to byte position information and time information of I, P 
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and B pictures having different contents and different storage 
formats which are stored in a hard disc or an optical disc. 
[0030] Note that the present invention can be realized not only 
as a packet transmitter apparatus like this but also as a packet 
5 transmitting method, as a program for a packet transmitter 
apparatus, and as a recording medium such as a computer-readable 
CD-ROM on which the program is recorded. 

Effects of the Invention 

10 [0031] With the first invention, an encryption mode in 

transmission of the AV contents is determined according to a 
predetermined rule provided from outside. Further, since a rule for 
adding encryption information headers is determined, it is possible 
to secure compatibility of a signal maintaining confidentiality of the 

15 AV stream between packet transmitter and receiver apparatuses. 
[0032] With the second invention, in the authentication unit in 
the first invention, an authentication execution mode is determined 
based on control information of outside input. For example, a URI 
specifying an access position of each contents can be provided as 

20 control information inputted from outside, and each authentication 
mode is determined according to the URI format. As an example, in 
the case where the URI is extended by a Query format, information 
indicating that authentication is needed and the information of a TCP 
port number for authentication according to the Query information 

25 can be provided at the same time. In this way, an authentication 
execution mode can be determined based on control information to 
be inputted from outside. 

[0033] With the third invention of the present invention, in the 
encrypted data generation in the first invention, the AV stream's 
30 copy control information is complied with as prescribed transmitting 
conditions provided from outside, and an encryption mode and 
addition of encryption information headers are determined. In this 
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way, an encryption mode of the AV stream such as an MPEG-TS 
signal is determined according to the copy control information, and 
encryption information headers are added. Subsequently, packets 
of the AV data are generated and transmitted. Therefore, the 
5 packets are transmitted succeeding the copy control mode which 
has been set by the copyright owner of the AV contents. In other 
words, since processing by a predetermined rule can be performed, 
it becomes possible to secure compatibility of a signal between 
packet transmitter and receiver apparatuses protecting the 

10 copyright of the AV contents. 

[0034] With the fourth invention, the AV data and non-AV data in 
the fisrt invention are inputted into data buffers respectively, and 
outputted to the packet header addition unit while output priority 
control of these two buffers is performed. For example, the AV data 

15 is outputted preferentially from the data buffer while the buffer of 
the non-AV data is being controlled in order not to overflow. In this 
way, it becomes possible to preferentially transmit data with high 
importance among the AV data and the non-AV data. 
[0035] With the fifth invention, a timestamp is added to each 

20 data block which constitutes the AV data in the first invention, and 
integrated one or more data blocks with timestamps are mapped 
onto the payload part of an RTP packet or the payload part of an 
HTTP packet. For example, in the case of MPEG-TS AV data, a 
timestamp is added to each TS packet, and integrated TS packets 

25 with timestamps are mapped onto an RTP packet or an HTTP packtet. 
For example, it is possible to use an MPEG system clock frequency as 
the clock of timestamps to be added to the respective TS packets. 
With the timestamps added to the TS packets, it becomes possible to 
remove transmission jitters added to a Program Clock Reference 

30 (PCR) when an MPEG-TS is transmitted through a network and 
enable a receiver side to restore the MPEG system clock. 
[0036] With the sixth invention of the present invention, packets 
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of AV data in the first invention are generated by means that the 
receiver side performs switching control of RTP and HTTP. For 
example, AV data packets are generated using RTP which provides 
small delays in the case where AV data output is outputted to the 
5 display of the receiver side. AV data packets are generated using 
HTTP which reduces the numer of packet losses in the case where AV 
data output is stored in a storage medium. In this way, in the case 
where the receiver side outputs the AV contents to the display by 
performing switching control, it becomes possible to transmit AV 
10 contents at a low delay rate and to transmit AV contents which 
become high quality through compensation of a signal loss due to a 
packet loss. 

[0037] In addition, with the above invention, as to transmission 
of AV contents using a network, data bugging on the network is 

15 prevented and secure high-quality data transmission is realized. In 
this way, even in the case where a public net such as the Internet is 
used as a transmission path, it is possible to prevent bugging and 
leakage of priority data (AV data contents) to be transmitted in real 
time. In addition, it becomes possible to sell and charge AV data to 

20 be transmitted using the Internet or the like and to sell and 
distribute high-secure contents of Business to Business (B-B) and 
Business to Consumer (B-C). 

[0038] In addition, with the above invention, even in the case 
where AV contents are transmitted using hardware, software 

25 processing of general data packets are conventionally performed 
using a CPU. Hence, the addition of software makes it possible to 
transmit management information and control information as 
general data. Since the data amont of the information is very small 
compared to the AV data which is priority data, they can be realized 

30 using an inexpensive microprocessor such as a microcomputer, and 
thus a low-cost system can be realized. Note that no costly CPU 
and large scale memory are required even for the protocol 
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processing of priority packets which require a high load and a high 
transmission rate. In view of this, it is possible to provide a 
low-cost and high-function apparatus. 

[0039] In addition, with the seventh invention, attribute 

5 information of AV contents, which can be detected in a digital 
broadcasting signal to be received via ground broadcasting, satellite 
broadcasting, CATV or the Internet, is transmitted between the 
transmitter terminal and the receiver terminal using a data 
exchange protocol such as Universal Plug and Play (UPnP)-AV or 

10 HTTP. This makes it possible to determine an encryption mode and 
a transmission method of content attribute information in the case 
where AV contents are transmitted between the transmitter terminal 
and the receiver terminal. Further, a rule for adding encryption 
information headers is determined. Therefore, it becomes possible 

15 to secure compatibility of a signal maintaining confidentiality of an 
AV stream between packet transmitter and receiver apparatuses. 
The standard specifications of UPnP or UPnP-AV are made public in 
http://upnp . org. in http://upnp . org, for example, as to 
"MediaServer V 1.0 and MediaRenderer V 1.0", specifications of 

20 "MediaServer V 1.0", "MediaRenderer V 1.0", "ConnectionManager V 
1.0", "ContentDirectory V 1.0", "RenderingControl V 1.0", 
"AVTransport V 1.0", "UPnP (registered trademark) AV Architecture 
V. 83" are made public. 

[0040] In addition, as to transmission of AV contents using a 
25 network, data bugging on the network is prevented and 
highly-secure data transmission is realized. In this way, even in 
the case where a public net such as the Internet is used as a 
transmission path, it is possible to prevent bugging and leakage of 
priority data (AV data contents) to be transmitted in real time. In 
30 addition, it becomes possible to sell and charge AV data to be 
transmitted using the Internet or the like, and to sell and distribute 
highly secure contents of B-B and B-C. 
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[0041] In addition, even in the case where AV contents are 
transmitted using hardware, software processing of general data 
packets can be performed using a CPU conventionally. Hence, the 
addition of softare makes it possible to transmit data such as 
5 management information and control information as general data. 
The data amount of them is very small comparered to the AV data 
which is priority data. Therefore, they can be realized using an 
inexpensive microprocessor such as a microcomputer, and a 
low-cost system can be realized. Note that no costly CPU and a 
10 large scale memory are required even for the protocol processing of 
priority packets which require a high load and a transmission rate. 
In view of this, it is possible to provide a low-cost and high-function 
apparatus. 

[0042] In addition, this enables a client which is not compliant 
15 with RMP to view contents with a viewing or copying restriction by 
Right management & Protection Information (RMPI) including 
charge information used in the RMP of server broadcasting in Copy 
No More (CNM) or Copy Never (CN), and to accelerate propagation of 
server broadcasting. 
20 [0043] With the eighth invention, the processing load of the 
receiver side can be reduced by transmitting contents which are 
being live-broadcast using the HTTP chunk transmission scheme. 
With the chunk transmission scheme, it becomes unnecessary that 
the receiver side (client) calculates header lengths and transmission 
25 content lengths to be added concerning the encryption each time an 
HTTP request is made. 

[0044] With the ninth invention, trick playback such as fast 
forwarding, rewinding and slow playback can be realized by 
transmitting contents stored in a hard disc and the like using an 
30 HTTP range request in a simple manner. 

[0045] Further, with the tenth invention, in the ninth invention, 
trick playback such as slow playback, fast forwarding and rewinding 
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can be realized by generating common I-frame position information 
according to I-frame position information having different contents 
and different storage formats which are stored in a hard disc or an 
optical disc. 

5 

Brief Description of Drawings 

[0046] FIG. 1A and IB each is an illustration of a transmitting 
and receiving system in a conventional technique. 

FIG. 2 is a block diagram of the packet transmitter and 
10 receiver unit in the conventional technique. 

FIG. 3 is an illustration of a content transmission procedure in 
the case of applying the DTCP method for key exchange in the 
conventional technique. 

FIG. 4 is a diagram showing the configuration of an IEEE 1395 
15 isochronous packet in the conventional technique. 

FIG. 5 is a digram showing an example of a system applying 
the present invention. 

FIG. 6 is a flow chart showing a communication procedure in 
the system of the present invention. 
20 FIG. 7 is an illustration of a content transmisiion procedure in 

the case of applying the DTCP method for authentication and key 
exchange. 

FIG. 8 is an illustration of an example in the case of applying 
the present invention to a general home where an Ethernet 
25 (registered trademark) is used. 

FIG. 9 is a block diagram of the packet transmitter and 
receiver unit in a first embodiment of the present invention. 

FIG. 10 is an illustration of the protocol stack in the first 
embodiment of the present invention. 
30 FIG. 11 is a block diagram of the packet transmitter and 

receiver unit in a second embodiment of the present invention. 

FIG. 12 is a block diagram of the packet transmitter and 
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receiver unit in a third embodiment of the present invention. 

FIG. 13 is a block diagram of the packet transmitter and 
receiver unit in a fourth embodiment of the present invention. 

FIG. 14 is a block diagram of the packet transmitter and 
5 receiver unit in a fifth embodiment of the present invention. 

FIG. 15 is an illustration of the protocol stack in the fifth 
embodiment of the present invention. 

FIG. 16 is a diagram showing an example of specifications of 
an MPEG-TS frame configuration by the Ethernet (registered 
10 trademark) in the fifth embodiment of the present invention. 

FIG. 17 is a block diagram of the packet transmitter and 
receiver unit in a first variation and a second variation of the fifth 
embodiment of the present invention. 

FIG. 18A is an illustration of the packet generation unit in the 
15 first variation of the fifth embodiment of the present invention, and 
FIG. 18B is an illustration of the packet receiver unit in the first 
variation of the fifth embodiment of the present invention. 

FIG. 19 is a flow chart showing a transmission procedure of 
encrypted contents by the DTCP method in the first variation of the 
20 fifth embodiment of the present invention. 

FIG. 20 A is an illustration of the packet generation unit in the 

- » 

second variation of the fifth embodiment of the present invention, 
and FIG. 20B is an illustration of the packet receiver unit in the 
second variation of the fifth embodiment of the present invention. 
25 FIG. 21 is an illustration of the protocol stack in the second 

variation of the fifth embodiment of the present invention. 

FIG. 22 is an illustration in the case where an error correction 
scheme is the Reed-Solomon scheme. 

FIG. 23 is an illustration in the case where an error correction 
30 scheme is the parity scheme. 

FIG. 24 is a block diagram of the packet transmitter and 
receiver unit in a sixth embodiment of the present invention. 
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FIG. 25 is an illustration of the protocol stack in the sixth 
embodiment of the presnt invention. 

FIG. 26 is a block diagram of the packet transmitter and 
receiver unit in a first variation of the sixth embodiment of the 
5 present invention. 

FIG. 27 is a block diagram of the packet transmitter and 
receiver unit in a second variation of the sixth embodiment of the 
presnt invention. 

FIG. 28 is a block diagram of the packet transmitter and 
10 receiver unit in a seventh embodiment and an eighth embodiment of 
the present invention. 

FIG. 29 is a flow chart showing a transmission procedure of 
encrypted contents by the DTCP method in the seventh embodiment 
of the present invention. 
15 FIG. 30 is an illustration of the protocol stack in the seventh 

embodiment of the present invention. 

FIG. 31 is a block diagram showing the configuration of a 
packet transmitter and receiver unit in a ninth embodiment of the 
present invention. 

20 FIG. 32 is a block diagram showing the configuration of a 

packet transmitter and receiver unit in a tenth embodiment of the 
present invention. 

FIG. 33 is a digram showing the configuration of a picture 

information file. 

25 

(Numeral References) 

[0047] 101 Packet transmitter apparatus 

102 Router 

103 Packet receiver apparatus 

30 401, 401a to 401h Packet transmitter and receiver unit 

402 AKE unit 

403 Packet generation unit 
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404 Transmitting condition setting management unit 

405 Packet receiver unit 

406 Encrypted data generation unit 

407 Encrypted data decryption unit 

5 408 Receiving condition setting management unit 

409 Frame generation unit for packets to be transmitted 

410 Frame receiver unit 

2401, 2401a to 2401b Packet transmitter and receiver unit 
2402 TS stream identification unit 
10 2403 Transmitting condition setting management unit 

2404 DRM setting management unit 

2405 AKE unit 

2406 Packet generation unit 

2407 Encrypted data decryption unit 
15 2408 Frame generation unit 

2409 Frame receiver unit 

2410 Packet receiver unit 

2411 DRM content purchase settlement unit 

2412 Content meta information 
20 2413 Content buffer 

2414 Encryption unit 

2415 Encryption information header addition unit 

2416 HTTP/RTP header addition unit 

2417 Condition setting unit 
25 2418 Decryption unit 

2701 Storage unit 

Best Mode for Carrying Out the Invention 

[0048] Embodiments of the present invention will be described in 
30 detail with reference to figures. 

First, here will be described the outline of an example 
communication system to be applied in order to clarify the position 
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of the present invention. 

[0049] FIG. 5 is an example of a communication system applying 
the present invention. This communication system includes a 
packet transmitter apparatus 101 which transmits packets, a router 
5 102 which performs routing of the packets, and a packet receiver 
apparatus 103 which receives the packets. The packet transmitter 
apparatus 101 and the packet receiver apparatus 103 are 
apparatuses in the present invention. Into the packet transmitter 
apparatus 101, setting information of transmitting and receiving 
10 conditions, setting information of authentication and key exchange 
and an input stream (contents such as an MPEG-TS) are inputted. 
As shown in FIG. 6, it performs communication with a router 102, 
based on the following procedures 1 to 3. 

[0050] <Procedure 1> Perform settings of transmitting and 
15 receiving parameters. 

(Procedure 1-1) Perform settings of a Media Access Control 
(MAC) address, an IP addres, a TCP/User Datagram Protocol (UDP) 
port number and the like of a packet transmitter and receiver 
apparatus. 

20 (Procedure 1-2) Perform settings of a type of signal to be 

transmitted and the bandwidth. Perform settings concerning 
network operation using the IEEE 802. 1Q (VLAN ; Virtual LAN) 
standard between the packet transmitter apparatus 101 and the 
packet receiver apparatus 103 which function as Quality of Service 

25 (QoS) agents and the router 102 which functions as a QoS manager. 

(Procedure 1-3) Perform setting of priority (operation by the 
IEEE 802. lQ/p) 

[0051] <Procedure 2> Authentication and key exchange 

(Procedure 2-1) Perform authentication and key exchange. 
30 For example, it is possible to use the DTCP method. 

[0052] <Procedure 3> Stream transmission 

(Procedure 3-1) Transmit encrypted stream contents (an 
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MPEG-TS) between the packet transmitter apparatus and the packet 
receiver apparatus. 

[0053] As input signals of contents, there are an MPEG-TS, an 
MPEG-Program Stream (PS), an MPEG-Elementary Stream (ES), an 
5 MPEG- Packetized Elementarty Stream (PES) in MPEG-1/2/4 and the 
like. 

[0054] Here, an MPEG-TS is used in the example, but input 
signals are not limited to this. As for an application range of input 
contents which can be used in the present invention, the followings 

10 are applicable: an MPEG-TS stream (ISO/IEC 13818) in MPEG- 
1/2/4 and the like; a stream defined by the DV (IEC 61834 and IEC 
61883), the Society of Motion Picture & Television Engineers 
(SMPTE) 314M (DV-based), the SMPTE 259M (SDI), the SMPTE 305M 
(SDTI), the SMPTE 292M (HD-SDI), the ISO/IEC H. 264 and the like; 

15 and further general AV contents. 

[0055] Further, as for an application range of input data used in 
the present invention, the present invention is applicable to data file 
transfer. In the case of file transfer, even content transmission 
which is faster than real-time transmission is possible, on condition 

20 that a data transfer speed is greater than a normal playback data 
rate of a content stream, due to the relationship between processing 
performance of transmitter and receiver terminals and propagation 
delay time between the transmitter and receiver terminals. 
[0056] Next, authentication and key exchange in the above 

25 Procedure 2 will be additionally described. In FIG. 7, the packet 
transmitter apparatus 101 and the packet receiver apparatus 103 
are connected via an IP network. First, content protection mode 
information including copy protection information of the contents is 
transmitted from the packet transmitter apparatus 101 to the packet 

30 receiver apparatus 103. 

[0057] The packet receiver apparatus 103 analyzes the copy 
protection information of the contents, determines authentication 
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method to be used, and transmits the authentication request to the 
packet transmitter apparatus 101. 

[0058] Through this processing, the packet transmitter 

apparatus 101 and the packet receiver apparatus 103 share an 
5 authentication key. 

[0059] Next, the packet transmitter apparatus 101 encrypts an 
exhange key using the authentication key, transmits it to the packet 
receiver apparatus 103. The packet receiver apparatus 103 
decrypts the exchange key. 
10 [0060] In order to change the encryption key temporally, the 
packet transmitter apparatus 101 generates key exchange 
information which changes temporally, and transmits it to the 
packet receiver apparatus 103. 

[0061] The packet transmitter apparatus 101 generates an 

15 encryption key, based on the exchange key and the key exchange 
information, encrypts the MPEG-TS using this encryption key, and 
transmits it to the packet receiver apparatus 103. 
[0062] The packet receiver apparatus 103 restores the 

decryption key using the received key exchange information and the 

20 exchange key. The packet receiver apparatus 103 decrypts the 
encrypted MPEG-TS signal using this decryption key. 
[0063] FIG. 8 is an example in the case of applying this method 
to a two-floor home provided with LAN by the Ethernet (registered 
trademark). This home includes a network system 301 including a 

25 router 303 which is placed in the first floor, and a network system 
302 including a switching hub 304 which is placed in the second floor. 
The network 305 is the Ethernet (registered trademark) network 
which connects the router 303 and the switching hub 304. The 
bandwidths of all the Ethernet (registered trademark) networks in 

30 the home are 100 Mbps. 

[0064] As a configuration of the network system 301 of the first 
floor, a television (TV), a personal computer (PC), a DVD recorder 
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are connected to the router 303 using an Ethernet of 100 Mbps, and 
an air conditioner and a refridgerator are connected to the router 
303 using an ECHONET. 

[0065] In addition, in the second floor, a television (TV), a 
5 personal computer (PC), a DVD recorder are connected to the 
switching hub 304 using an Ethernet of 100 Mbps, and an air 
conditioner is connected to the switching hub 304 using an ECHONET. 
Note that ECHONET is a transmission scheme developed by the 
"ECHONET Consortium" (hyperlink "http://www. echonet. gr. jp/" 
10 http:// www. echonet. gr. jp/). 

[0066] Note that, in this home, for example, a TV, which receives 
contents subjected to digital copyright protection and distributes IP 
packets of the contents to apparatuses (an air conditioner, a DVD, a 
PC and a refridgerater) in the home, corresponds to the packet 
15 transmitter apparatus 101 of the present invention, and the 
respective apparatuses correspond to the packet receiver apparatus 
103. 

[0067] In FIG. 8, the personal computer (PC), the DVD recorder, 
the router 303 and the switching hub 304 are compliant with the 

20 IEEE 802. 1Q (VLAN). In other words, in the case where the data 
rates of all the ports of the router 303 and the switching hub 304 are 
the same (for example, 100 Mbps), on condition that the total 
bandwidths of data to be outputted to each specific port does not 
exceed a standard value or a real value of the transmission rate of 

25 the port, the data inputted to the input port is not lost inside the 
router (or the switching hub), and all the data are outputted to the 
output port. 

[0068] In the switching hub, even in the case where data are 
inputted to, for example, eight input ports at the same time, on 
30 condition that the output ports of the respective data are different, 
the respective data are subjected to switching without conflicting in 
the buffer inside the hab and are outputed through the output ports. 
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Therefore, no packets of the input data are lost, and all the data are 
outputted to the output ports. 

[0069] In FIG. 8, the bandwidths of all the Ethernet (registered 
trademark) networks in the home are 100 Mbps. Therefore, the 
5 bandwidth of the network 305 between the first floor and the second 
floor is also 100 Mbps. In the case where plural data flow between 
plural apparatuses in the first floor and the second floor, on 
condition that there is no restriction in the bandwidths of the 
respective data, the total data rate of the data which flow on this 

10 network 305 may exceed 100 Mbps, and a stream such as video 
application of an MPEG-TS which needs to be transmitted in real time 
may become discontinuous in the middle. In this case, in order to 
prevent such discontinuity of a stream that needs to be transmitted 
in real time, it is necessary to perform priority control of data to be 

15 transmitted. 

[0070] A problem like this can be solved by implementing stream 
transmission or a speed restriction mechanism of file transfer which 
will be described later on, not only in a terminal but also in a router 
and a switching hub. 

20 [0071] For example, in the case of setting the transmission 
priority of the MPEG-TS stream higher than the transmission priority 
of data transferred in a file, it becomes possible to encrypt the 
MPEG-TS between the DVD recorder, the PC and the TV in the first 
floor and the second floor at the same time and to transmit it in real 

25 time using HTTP and RTP, while performing the file transfer between 
the PCs in the first floor and the second floor. 

[0072] As for the outline, configuration and operation of HTTP 
(the IETF standard, the RFC 2616, and the RFC 1945), for example, 
the following explains them: "Intanetto -Purotocoru Shosetsu (1) 
30 (Detailed Explanation of the Internet Protocol (1), First Part, 
serialized in the Hyper Text Transfer Protocol (HTTP)"; and Web 
information, http://www. atmarkit . co . jp/fnetwork/rensai/ 
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netproOl/netproOl. Html. 

[0073] The transmission speed restriction mechanism in the 
router 303 or the switching hub 304 which described earlier can be 
realized by data flow control. In other words, it is possible to 
5 realize it by comparing data with high priority and the data with low 
priority in an input data queue of the router (or the switching hub), 
and preferentially output the data with high priority. As a buffer 
control rule used in this priority control scheme, there are the Round 
Robin Queuing, the Fluid Fair Queuing, the Weighted Fair Queuing, 
10 the Self-synchronizing Fair Queuing, Wireless Fluid Fair Queueing, 
Virtual Clock Queuing, Class-based Queuing. Information 
concerning these queuings is described in, for example, "Nettowaku 
QoS Gijutsu (Network QoS Technique)", Chapter 12, written by Iwao 
Toda, published by Ohmsha, May 25, 2001 (First Edition). 

15 

[0074] (First Embodiment) 

First, a first embodiment of the present invention will be 
described. FIG. 9 is a block diagram showing the configuration of a 
packet transmitter and receiver unit 401 in this embodiment. This 

20 packet transmitter and receiver unit 401 is a virtual function block 
which shows a packet transmitter unit provided with the packet 
transmitter apparatus 101 shown in FIG. 5 and a packet receiver 
unit provided in the router 102. Additionally, it may be a functional 
block showing a single packet transmitter and receiver unit which 

25 has a packet transmitting and receiving function (this is true of the 
packet transmitter and receiver unit(s) in all the following 
embodiments). 

[0075] This packet transmitter and receiver unit 401 is an 
apparatus which performs packet transmitting and receiving by 
30 encryption using AKE. It includes an AKE unit 402, a packet 
generation unit 403, a transmitting condition setting management 
unit 404, a packet receiver unit 405, an encrypted data generation 
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unit 406, an encrypted data decryption unit 407, a receiving 
condition setting management unit 408, a frame generation unit 409 
and a frame receiver unit 410. The functions of the respective 
functional components will be described according to a transmission 
5 procedure. 

[0076] The transmitting condition setting management unit 404 
obtains AV data information including input terminal information 
indicating a terminal to which AV data (transmission data) is 
inputted, data format information indicaing the data format of the 

10 AV data and the attribute information indicating the attribute of the 
AV data, and controls generation of headers and payload data 
(performs settings of parameters) in the packet generation unit 403 
and the frame generation unit 409. To be more specific, such AV 
data information is: types of data to be transmitted, information 

15 concering transmission destination addresses and port numbers, 
information of paths to be used in the transmission (routing 
information), the bandwidths of the data to be transmitted, the 
setting information of the transmitting conditions such as 
transmission priority of the data to be transmitted, maganement 

20 control data of the apparatus in a transmission unit (local) and a 
receiving unit (remote), and the data for providing the transmitter 
side with a feedback of a receiving status. 

[0077] In an example case where a signal to be handled is an 
MPEG-TS signal of AV data, it should be noted that the input 

25 terminal information indicating terminals, in the packet transmitter 
and receiver unit 401, to which AV data (transmission data) are 
inputted include: (1) an input terminal of digital broadcasting (in the 
case of Japan, there is an RF input terminal which is compliant with 
groud digital broadcasting, BS digital broadcasting, and 110 CS 

30 digital broadcasting with a wide bandwidth), (2) an IEEE 1394 D-I/F, 
(3) a USB-I/F, (4) an IP-I/F (differentiation of an Ethernet 
(registered trademark) network, a wireless LAN or the like), (5) 
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alanog video and audio input (in this case, analog video and audio 
inputted inside the packet transmitter and receiver unit 401 is 
converted into an MPEG-TS signal). As for digital broadcasting, 
note that there provided explanation in the Journal of the Institute 
5 of Image Information and Television Engineers, Vol. 58, No. 5, pp. 
604 to 654. 

[0078] In addition, in an exmple case where a signal to be 
handled is an MPEG-TS signal of AV data, the data format 
information indicating the data format of the AV data in the packet 

10 transmitter and receiver unit 401 shows a MIME-Type or a media 
format of the MPEG-TS. For example, the media formats of the 
respective still picture media, music media and video media handled 
by the transmitter unit (server) or the receiver unit (client) are 
determined. As the media format of still pictures, there are JPEG, 

15 PNG, GIF and TIFF. In addition, as the media format of music, there 
are linear PCM, AAC, AC-3, ATRAC-3 plus, MP-3, WMA and the like. 
In addition, as the media format of moving pictures (video), there 
are MPEG-2, MPEG-1, MPEG-4, WMV and the like. They are defined 
also in, for example, the Digital Living Network Alliance (DLNA; 

20 homepage: www. dlna. org). In the version 1.0 of DLNA, the 
server (the transmitter side of contents, the source in DTCP) is 
called Digital Media Server (DMP) and the client (the receiver side of 
contents, the sink in DTCP) is called Digital Media Player (DMP). 
The DMS is composed of the MediaServer (MS) and the ControlPoint 

25 (CP) of a UPnP-AV, and the DMP is composed of the MediaRenderer 
(MR) and ControlPoint (CP) of the UPnP-AV. As to the MS, MR and 
CP of the UPnP-AV, they are described in the homepage of UPnP: 
www/upnp. Org. 

[0079] In the case of a video media format, it has additional 
30 parameters such as (1) differentiation of a resolution (SD or HD), 
(2) differentiation between TV schemes (broadcasting schemes 
based on NTSC, PAL and SECAM in analog, and in digital the ARIB 
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standard such as ATSC in the United States, DVB in Europe and ISDB 
in Japan), (3) presence or absence of additional information such as 
a timestamp format. In the case of video, for example, it should be 
noted that the MIME-Types of an MPEG-PS and an MPEG-TS are 
5 "mpeg/video". Therefore, the use of the additional information 
makes it possible to perform finer handling and controlling of video 
media. 

[0080] The outline of the ARIB standard concerning digital 
broadcasting is explaned in, for example, the Matsushita Technical 

10 Journal, February, 2004, Vol. 50, No. 1, pp. 7 to 12. 

[0081] In addition, here is an example case where a signal of the 
AV data to be handled is an MPEG-TS signal which has been 
broadcast from a broadcasting station in a ground digital 
broadcasting system in Japan and selected by a receiver in a home 

15 or the like (To be more exact, the MPEG-TS signal is a partial 
transport signal which is defined as an input and output transport 
stream of a serial interface, in the ARIB standard, the ARIB STD B21, 
Chapter 9.). Attribute information indicates the attribute of AV 
data in the packet transmitter and receiver unit 401, and as the 

20 attribute information to be transmitted from a broadcasting station 
as PSI/SI information, there are a channel name (broadcasting 
station name), a channel number, a program name, a program genre, 
a scheduled broadcast starting time, a scheduled broadcast ending 
time, information concering program contents, the resolusion of a 

25 program, information concerning viewer restriction such as parental, 
copy control information, viewing fee and the like. As to PSI, it is 
defined in the ARIB technical document, the ARIB TR-B14 and the 
ARIB TR-B15. 

[0082] The AKE unit 402 includes an authentication unit 413 and 
30 a key exchange unit 414. This AKE unit 402 obtains setting 
information (AKE setting information) concerning authentication 
and key exchange, and outputs information related to this AKE 
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setting information, for example, copy protection information and 
encryption key exchange information to the packet generation unit 
403. 

[0083] The packet generation unit 403 (403a) adds the 

5 information related to the AKE setting information transmitted from 
the AKE unit 402 to TCP/IP packets as the headers, according to the 
transmission parameters transmitted from the transmitting 
condition setting management unit 404, and transmits them to the 
frame generation unit 409. 

10 [0084] The frame generation unit 409 furhter adds MAC headers 
to the IP packets from the packet generation unit 403, according to 
the transmission parameters transmitted from the transmitting 
condition setting management unit 404. By doing this, it converts 
them into Ethernet (registered trademark) frames and outputs them 

15 to a network as frames to be transmitted. 

[0085] At the receiver side, the frame receiver unit 410 receives 
IP packets by filtering, based on the MAC headers, the signals 
(frames) to be inputted through the network, and passes the IP 
packets to the packet receiver unit 405. 

20 [0086] The packet receiver unit 405 (405a) performs filtering of 
the IP packets transmitted from the frame receiver unit 410 by 
identifying the headers of the IP packets, and outputs the IP packets., 
to the AKE unit 402. In this way, the AKE unit of the transmitter 
side and the AKE unit of the receiver side are connected through the 

25 network. Therefore, they can exchange messages with each other 
through a communication protocol. In other words, authentication 
and key exchange are performed according to a setting procedure of 
the AKE unit. 

[0087] Once the authentication and key exchange are 

30 established between the transmitter side and the receiver side, the 
encrypted AV data are transmitted. 

At the transmitter side, an MPEG-TS signal is inputted to the 
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encrypted data generation unit 406, and an encryption unit 411 
inside the encrypted data generation unit 406 encrypts the MPEG-TS 
signal. Subsequently, the encryption information header addition 
unit 412 adds, to the packets, AKE information such as the earlier 
5 mentioned EMI and seed information (all bits of seed information or 
a part of bits such as O/E) to be transmitted from the AKE unit 402 
as encryption information headers, and outputs them to the packet 
generation unit 403. The packet generation unit 403 adds TCP/IP 
headers to the data from the encrypted data generation unit 406, 

10 using parameters such as transmitting conditions from the 
transmitting condition setting management unit 404, and transmits 
the data to the frame generation unit 409. The frame generation 
unit 409 adds MAC headers to the IP packets from the packet 
generation unit 403 using the 802. 1Q (VLAN) scheme. By doing so, 

15 it converts them into Ethernet (registered trademark) frames and 
outputs them to a network as frames to be transmitted. Here, by 
setting higher the Priority (user priority) inside the Tag Control 
Informaition (TCI) in the MAC headers makes it possible to set the 
network transmission priority of the data higher than the priority of 

20 generaral data. 

[0088] At the receiver side, singals to be inputted via a network 
are filtered based on the MAC headers by the frame receiver unit 410, 
and obtained singals are inputted to the packet receiver unit 405 as 
IP packets. They are filtered based on the packet headers by the 

25 packet receiver unit 405 through identification, and inputted in the 
encrypted data decryption unit 407. They are subjected to removal 
of the encryption information headers and decryption of the 
encryption and the decrypted MPEG-TS signal is outputted by the 
encrypted data decryption unit 407. 

30 [0089] Note that, data for providing the transmitter side with a 
feedback of the receiving status through the receiving condition 
setting management unit 408 is inputted to the transmitting 
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condition setting management unit 404. Additionally, headers and 
payload data of the IP packets generated by the packet generation 
unit 403, and headers and payload data of the Ethernet (registered 
trademark) frames to be generated by the frame generation unit 409 
5 are set in the transmitting condition setting management unit 404. 
[0090] Next, a supplemental description of the above procedure 
will be provided next with reference to FIG. 10. At the transmitter 
side shown in FIG. 10, encrypted contents and the protection mode 
information of the contents are transmitted from the transmitter 

10 side to the receiver side first. The receiver side analyzes the copy 
protection information of the contents, determines an 
authentication method, and transmits the authentication request to 
the packet transmitter apparatus. Next, it generates a random 
number, inputs this random number into a predetermined function 

is so as to generate an exchange key. It inputs information of the 
exchange key into a predetermined function so as to generate an 
authentication key. The transmitter side shares the authentication 
key according to predetermined processing. Note that, as for 
encryption information used here, for example, it is the infomraiton 

20 generated as a combination of one or more units of information such 
as unique information of the transmitter side (the apparatus ID, the 
apparatus authentication information, MAC addresses and the like), 
information provided from a secret key, a public key and outside, 
and the like. The information can be strongly encrypted by using 

25 an encryption scheme with a strong encryption strength such as the 
DES method and the AES method. Subsequently, the transmitter 
side encrypts the exchange key using the authentication key and 
transmits the encrypted exchange key to the receiver side. The 
receiver side decrypts the exchange key. In addition, it inputs the 

30 exchange key and initial key update information into a 
predetermined function so as to generate an encryption key. Note 
that the transmitter side generates key update information which 



-33 - 



• 4 



changes temporally and transmits it to the receiver side in order to 
change the encryption key temporally. The MPEG-TS which is the 
contents is encrypted using the encryption key. Subsequently, TCP 
packets are generated using the encrypted MPEG-TS which is AV 
5 data, as the payloads of TCP (or UDP) packets. Further, these TCP 
packets are used as the data payloads of these IP packets so as to 
generate IP packets. Further, these IP packets are used as the 
payloads of MAC frames so as to generate Ethernet (registered 
trademark) MAC frames. Note that they can be applied to not only 
10 as MAC frames by the IEEE 802.3 which is an Ethernet (registered 
trademark) but also MAC frames by the IEEE 802.11 which is a 
wireless LAN standard. 

0091] By the way, the Ethernet (registered trademark) MAC 
frames are transmitted from the transmitter side to the receiver 

15 side on the Ethernet (registered trademark). The receiver side 
generates a decryption key according to a predetermined procedure. 
Subsequently, IP packets are selected by filtering the received 
Ethernet (registered trademark) MAC frames. Further, TCP (or 
UDP) packets are extracted from the IP packets. Subsequently, AV 

20 data are extracted from the TCP (or UDP) packets, the MPEG-TS 
(contents) is decrypted using the decryption key restored based on 
the exchange key and key exchange information, and the decrypted 
MPEG-TS (contents) is outputted. 

[0092] As described above, with this embodiment, it is possible 
25 to encrypt an AV stream such as an MPEG-TS signal and transmit the 
IP packets via a network by the packet transmitter apparatus, and to 
decrypt it into an original signal by the packet receiver apparatus. 
[0093] Note that, in FIG. 8, it is possible to make stream 
transmission and file transfer coexist by contriving a network 
30 topology using a switching hub. For example, it is possible to 
encrypt an MPEG-TS and transmit the encrypted MPEG-TS in real 
time between a DVD recorder, a PC and a TV in the first floor and the 
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second floor at the same time while performing file transfer between 
the PCs in the first floor and the second floor, by extending the 
bandwidth of the network 305 between the first floor and the second 
floor from 100 Mbps mentioned in the conventional technique to 1 
Gbps. For example, using an on-sale switching hub with eight ports 
of 100 Mbps and a port of 1 Gbps, the port of 1 Gbps is connected to 
the network 305 which connects the first floor and the second floor, 
and the remaining eight channels of 100 Mbps are connected to AV 
apparatuses such as a TV. Since there are eight ports of 100 Mbps, 
even in the case where data having 100 Mbps at most are inputted 
to the respective eight ports and the data are outputted to the port 
of 1 Gbps, 100 Mbps multiplied eight channels equals 800 Mbps and 
smaller than 1 Gbps, the data inputted from the eight ports are not 
lost inside the switching hub and all the data are outputted to the 
port of 1 Gbps. Hence, it is possible to transmit all the data 
generated in the first floor to the second floor. In addition, it is 
possible to transmit all the data generated in the second floor to the 
first floor vise versa. As described above, in the case of using a 
switching hub, it is possible to make stream transmission and file 
transfer coexist by contriving a network topology. 

[0094] (Second Embodiment) 

Next, a second embodiment of the present invention will be 
described. FIG. 11 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 401a in this embodiment. In 
FIG. 11, it has the same configuration as the packet transmitter and 
receiver unit 401 shown in FIG. 9 except that it has an 
authentication mode determination unit 601. Hence, the new part 
will be described below. 

[0095] In FIG. 11, as shown in this figure, a TCP port number for 
authentication is inputted in the transmitting condition setting 
management unit 404 as management control data such as the AKE 



-35- 



setting information to the AKE unit 402. Here, the TCP port 
information for authentication is provided according to the URI 
specifying an access position of each contents or each broadcasting 
channel, or URI information extended by a Query. At this time, as 
5 to the URI, URI information is mapped onto the principal data part of 
the contents and authentication information of the contents are 
mapped onto the Query part. In this way, it is possible to perform 
mode settings in a way that URI information with no Query part 
indicates that no authentication is necessary for transmitting the 
10 contents and that URI information with Query part indicates that 
authentication is necessary for transmitting the contents. An 
example of URI and a Query can be provided according to the 
following format or the like. 

[0096] < service > ://<host> : <port>/<path>/ 

15 <filename>. <ext>?AKEPORT=<port2> 

Here, <host> : < port >/< path >/< filename > . <ext> 
represents the URI and the file name of AV contents, and <port2> in 
the Query part starting with represents the port number for 
authentication. Note that this is true of a case where the IP address 

20 of the port for authentication is the same as the IP address of the AV 
contents. 

[0097] The transmitter side provides authentication execution 
mode information using the URI and Query to the receiver side. 
The receiver side can receive the URI and Query using a Web brouser 
25 or Content Directory service (CDS) of a UPnP-AV, and the 
authentication mode determination unit 601 can determine an 
authentication mode. The other operations are the same as the 
ones in the first embodiment. 

30 [0098] (Third Embodiment) 

Next, a third embodiment of the present invention will be 
described. FIG. 12 is a block diagram showing the configuration of 
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a packet transmitter and receiver unit 401b in this embodiment. In 
FIG. 12, the packet transmitter and receiver unit 401a has the same 
configuration as the packet transmitter and receiver unit 401a in the 
second embodiment shown in FIG. 11 except that input source 
5 information (broadcast or stored) of AV data is inputted into the 
transmitting condition setting management unit 404. Hence, the 
new part will be described below. 

[0099] From the transmitting condition setting management unit 
404, necessary data among the input source information 

io (broadcast or stored) of inputted AV data are extracted and 
outputted to the encrypted data generation unit 406. Subsequently, 
the encryption information header addition unit 412 inside the 
encrypted data generation unit 406 adds the necessary data 
transmitted from the transmitting condition setting management 

15 unit 404 as encryption information headers in the follwing manner. 
[0100] As for the input source information (broadcast or stored) 
of the AV data to be inputted into the transmitting condition setting 
management unit 404, for example, next cases are conceivable. 

(Case 1) The case where AV data is the contents to be 

20 received by a broadcasting channel which broadcasts copy-free 
contents. As an example of broadcasting channels like this, there 
are a broadcasting channel of VHF and UHF which are analog 
broadcasting or BS analog broadcasting. 

(Case 2) The case where AV data is the contents received by 

25 a broadcasting channel which broadcasts contents other than 
copy-free contents even in a predetermined period. As an example 
of broadcasting channels like this, there are toll channels of BS 
digital broadcasting and toll channels by CATV broadcasting. Copy 
control information of broadcasting channels which broadcast 

30 contents other than copy-free contents even in this predetermined 
period is characterized by that it changes from minutes to minutes 
depending on the broadcast contents. The copy control information 
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is Copy Never, Copy One Generation and Copy Free with an 
Encryption Plus Non-assertion (EPN) flag. 

[0101] Here, receiving broadcasting channels which broadcast 
contents other than copy-free contents even in a predetermined 
5 period can be controlled to be done in the case where the 
authentication unit of a provider which distributes broadcast 
authenticates the receiver apparatus or the receiving user as 
authorized receiver apparatus or receiving user. As examples of 
authentication, authentication by a security module such as a 
10 BS-Conditional Access Systems (B-CAS) card of digital satellite 
broadcasting in Japan, a POD card used in CATV broadcasting in the 
United States and the like are conceivable. 

[0102] In addition, addition control of encryption information 
headers is performed in the following manner or the like. More 

15 specifically, they are not added in the case where a broadcasting 
channel which broadcasts copy-free contents is received, but they 
are added in the case where a broadcasting channel, which 
broadcasts contents other than copy-free contents even in a 
predetermined period, is received. Further, in the case where AV 

20 data is contents, having a Copy Free title, played back from a 
storage medium, they are not added. Additionally, in the case 
where AV data is contents, having a title other than the Copy Free 
title, played back from a storage medium, they are added. 
[0103] As described above, it is possible to succeed and transmit 

25 the copy control information (CCI) of the AV contents which has 
been set by the copyright owner even in network transmission, by 
performing addition control of the encryption information headers. 
Further, that the transmitter side and the receiver side use the same 
addition contol rule of encryption information headers makes it 

30 possible to secure operation compatibility between different 
apparatuses. 
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[0104] (Fourth Embodiment) 

Next, a fourth embodiment of the present invention will be 
described. FIG. 13 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 401c in this embodiment. In 
5 FIG. 13, the packet transmitter and receiver unit 401c has the same 
configuration as the packet transmitter and receiver unit 401 in the 
first embodiment shown in FIG. 9 except that it has a transmission 
queue control unit 801, a first queue 802 and a second queue 803. 
Hence, the new parts will be described below. 

10 [0105] AKE setting information is inputted to the AKE unit 402. 
The followings are inputted from the transmitting condition setting 
management unit 404 to the packet generation unit 403: setting 
information of transmitting conditions such as information related to 
this AKE setting information (for example, copy protection 

15 information and encryption key update information), types of data 
to be transmitted, information of a transmission destination address 
and a port number, information of a path to be used in transmission 
(routing information), the bandwidth of the data to be transmitted, 
transmission priority of the data to be transmitted and the like; 

20 management control data of the apparatuses in the transmitter unit 
(local) and the receiver unit (remote); and the data for providing the 
transmitter side with a feedback of a receiving status. The data is 
subjected to the TCP/IP processing performed in the packet 
generation unit 403, and TCP/IP packets are inputted into the first 

25 queue 802. In addition, in the transmitter side, an MPEG-TS signal 
is inputted to the encrypted data generation unit 406, and the 
MPEG-TS signal is encrypted in the encrypted data generation unit 
406. Subsequently, this encrypted MPEG-TS signal is inputted into 
the packet generation unit 403. The signal is subjected to TCP/IP 

30 processing performed in the packet generation unit 403, and the 
packets are inputted into the second queue 803. 
[0106] The transmission queue control unit 801 performs output 
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priority control of data in the case where data exist in the first queue 
802 and the second queue 803. In a normal state, it performs 
output control so that contents data such as an MPEG-TS is 
outputted preferentially to general data. For example, in the case 
5 where an MPEG-TS is transmitted at a low latency (low delay) 
between packet transmitter and receiver apparatuses, a buffer for 
MPEG-TSs becomes smaller and thus a buffer tends to overflow. In 
the case where a buffer for MPEG-TSs at the transmitter side is likely 
to overflow, or in the case where it is found that a buffer for 
io MPEG-TSs at the receiver side is likely to overflow, referring to the 
feedback information provided by the receiver side, it is possible to 
prevent buffer failures by adaptively increasing the priority of the 
second queue 803 so that the MPEG-TS data is outputted 
preferentially. 

15 [0107] It is good to increase the priority of the first queue 802 
adaptively in order to increase a response speed of apparatus 
control such as playback and pause of the receiver side apparatus 
(remote apparatus). However, it should be noted that the 
earlier-mentioned buffer for MPEG-TSs may overflow or underflow in 

20 this case. 

[0108] As another method of preventing such buffer overflow or 
underflow and increasing the response speed of apparatus control 
such as playback and pause of the receiver side apparatus (remote 
apparatus), to output packets for apparatus control directly to the 

25 frame generation unit 409 bypassing the first queue 802 and the 
second queue 803 makes it possible to realize a fast control 
response. Otherwise, according to a method of preparing a new, 
third queue for the packets for apparatus control makes it possible 
to realize a fast control response. Note that the operations of the 

30 receiver side are the same as the ones in the first embodiment. 

[0109] (Fifth Embodiment) 
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Next, a fifth embodiment of the present invention will be 
described. FIG. 14 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 401d in this embodiment. In 
FIG. 14, the packet transmitter and receiver unit 401d has the same 
5 configuration as the packet transmitter and receiver unit 401c in the 
fourth embodiment shown in FIG. 13 except that it has: a first 
packet generation unit 901 and a second packet generation unit 902 
inside the packet generation unit 403; and a first packet receiver 
unit 903 and a second packet receiver unit 904 inside the packet 

10 receiver unit 405. 

[0110] In FIG. 14, AKE setting information is inputted to the AKE 
unit 402. The followings are inputted to a first packet generation 
unit 901: setting information of transmitting conditions such as 
information related to this AKE setting information (for example, 

15 copy protection information and encryption key update information), 
types of data to be transmitted, information of a transmission 
destination address and a port number, information of a path to be 
used in transmission (routing information), the bandwidth of the 
data to be transmitted, transmission priority of the data to be 

20 transmitted and the like; management control data of the 
apparatuses in the transmitter unit (local) and the receiver unit 
(remote); and the data for providing the transmitter side withra 
feedback of a receiving status. The data is subjected to TCP/IP 
processing performed in the packet generation unit 901, according 

25 to software processing using a processor, and the TCP/IP packets are 
inputted into the first queue 802. 

[0111] In the transmitter side, an MPEG-TS signal is inputted to 
the encrypted data generation unit 406, and the MPEG-TS signal is 
encrypted in the encrypted data generation unit 406. Subsequently, 
30 this encrypted MPEG-TS signal is inputted into the packet generation 
unit 403 so as to be subjected to UDP/IP processing by hardware, 
and the UDP/IP packets are inputted into the second queue 803. 



-41 - 



[0112] The transmission queue control unit 801 performs output 
priority control of data from these two queues in a similar manner to 
the earlier mentioned second embodiment, in the case where data 
exist in both the first queue 802 and the second queue 803. 
5 [0113] By the way, in the receiver side, signals are filtered based 
on MAC headers in the frame receiver unit 410 so as to obtain IP 
packets to be inputted via a network. Here, the IP packets 
outputted from the first packet generation unit 901 are inputted into 
the first packet receiver unit 903, and the IP packets outputted from 

10 the second packet generation unit 902 are inputted into the second 
packet receiver unit 904. In the first packet receiver unit 903, 
TCP/IP receiving processing of the packets is performed according to 
software processing using a processor, and the packets are 
outputted to the AKE unit 402 or the receiving condition setting 

15 management unit 408. In addition, in the second packet receiver 
unit 904, UDP/IP receiving processing of the packets is performed 
according to hardware processing, and the packets are inputted to 
the encrypted data decryption unit 407. The encrypted packets are 
decrypted in the encrypted data decryption unit 407 so as to output 

20 an MPEG-TS. 

[0114] Next, the procedure will be described with reference to 
the protocol stack in FIG. 15. In FIG. 15, the protocol stack is the 
same as the protocol stack shown in FIG. 10 except that the 
transmission layer of the AV data such as MPEG-TS is UDP. Hence, 

25 the new part will be described below. In the transmitter side shown 
in FIG. 15, the MPEG-TS which is contents is encrypted using an 
encryption key Kc. Subsequently, as AV data, the encrypted 
MPEG-TS with the earlier-mentioned EMI and seed information are 
made into payloads of UDP packets by hardware so as to be made 

30 into UDP packets. Further, these UDP packets are used as the data 
payloads of IP packets so as to generate IP packets. 
[0115] As a transmission method of EMI and seed information 
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from the transmission side to the receiver side, for example, note 
that it is possible to generate and transmit other packets exclusive 
for them. By doing so, it become further difficult to perform 
restoration of an encryption key, and perform bugging and leakage 
5 of the contents. In addition, in the case where AV data to be 
transmitted in real time via a public net such as the Internet are 
subjected to encryption parameter change or transmitted in 
different packets, it is possible to make it difficult to peform bugging 
and leakage of the AV data. As for management control data, 
10 similar to the example of FIG. 10, TCP packets are generated 
through software processing and the TCP packets are made into IP 
packets. 

[0116] By the way, Ethernet (registered trademark) MAC frames 
are transmitted from the transmitter side to the receiver-side on the 

15 Ethernet (registered trademark). A descryption key is generated 
according to a predetermined procedure at the receiver side. 
Subsequently, IP packets are obtained by filtering the received 
Ethernet (registered trademark) MAC frames. Further, UDP 
packets are extracted from the IP packets, and AV data is extracted 

20 from the UDP packets. An MPEG-TS (contents) are decrypted by 
the decryption key Kc restored based on the exchange key and the 
seed information, and the decrypted MPEG-TS is outputted. 
[0117] FIG. 16 shows an example of a packet format in the case 
where an MPEG-TS is made into IP packets, and the IP packets are 

25 further made into Ethernet (registered trademark) frames, and the 
Ethernet frames are transmitted. A time code (TC) of 6 bytes is 
added to an MPEG-TS of 188 bytes so as to generate a unit of 194 
bytes. A TC is composed of a timestamp of 42 bits and a base clock 
ID (BCID) of 6 bits. It is possible to represent frequency 

30 information of a timestamp by the BCID. For example, in the case 
where the BCID is 0x00 (Case 1), there is no frequency information 
of a timestamp. In the case where the BCID is 0x01 (Case 2), as for 
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frequency information of a timestamp, it is 27 MHz (MPEG-2 system 
clock frequency). In the case where the BCID is 0x02 (Case 3), as 
for frequency information of a timestamp, it is 90 kHz (the clock 
frequency used in MPEG-1). In the case where the BCID is 0x03 
5 (Case 4), as for frequency information, it is 24.576 MHz (the clock 
frequency used in the IEEE 1394. In the case where the BCID is 
0x04 (Case 5), as for frequency information of a timestamp, it is 100 
MHz (the clock frequency used in the Ethernet (registered 
trademark)). In this way, the BCID can represent frequency 

10 information of a timestamp. Data of two 194-byte units are 
combined and encrypted, and further combined with an encryption 
information header of 14 bytes so as to generate an RTP payload. 
Here, the encryption information header is composed of EMI of 4 bits, 
seed information of 64 bits and Reserved Data of 12 bits. The RTP 

15 packets are made into UDP packets, IP packets, and then Ethernet 
(registered trademark) frames. As for Ethernet (registered 
trademark) headers, as shown in FIG. 16, it supports both a 
standard Ethernet (registered trademark) header and an Ethernet 
(registered trademark) header extended by the IEEE 802. 1Q (VLAN). 

20 Note that it is possible to set priority of an Ethernet (registered 
trademark) frame by the Priority flag of 3 bits in the TCI field in the 
Ethernet (registered trademark) header extended by the IEEE 
802. 1Q (VLAN). 

[0118] In this way, it becomes possible to encrypt an MPEG-TS 
25 signal and transmit it in real time between packet transmitter and 
receiver apparatuses. Further, since the second packet generation 
unit 902 is configured to be hardware, no left packet to be 
transmitted and unreceived packet is generated inherently 
stemming from software processing. In this way, all the priority 
30 data packets are completely transmitted, and it becomes possible to 
transmit high-quality video with guaranteed real-timeliness. In 
addition, general data is temporarily stored in a buffer unit, and 



-44- 



t .» 



intermittently transmitted while transmission of the priority data is 
preferentially performed. In addition, the first packet generation 
unit 901 with a small data amount can be processed by an 
inexpensive processor such as a microcomputer. 
5 [0119] Further, by hardware processing, it is also possible to 
receive Ethernet (registered trademark) frames in receiving 
processing and check the IP headers in the third layer and the UDP 
headers in the fourth layer in the OSI reference model. By 
separating MPEG-TS packets and general packets and performing 
10 the processing of these MPEG-TS packets, it is possible to prevent 
occurrence of unreceived frames and realize high-quality reception 
where real-timeliness is guaranteed. 

[0120] In the case of controlling packet transmission timings or 
the data transmission ratio from two transmission data queues by 

15 not software but hardware, it is possible to perform transmission 
control on a clock-by-clock basis. In this way, all the priority 
packets are completely transmitted, and it becomes possible to 
perform high-quality transmission where real-timeliness is 
guaranteed. In addition, shaping of packets to be outputted is 

20 peformed finely by a clock-by-clock basis. Therefore, it becomes 
possible to perform high-quality communication with a low 
occurrence probability of packet discarding in a first-step router or a 
switching hub. 

[0121] Here, a first variation in this embodiment will be 

25 described. FIG. 17 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 401e in the variation, and it is 
an example in the case where the DTCP method is used for the AKE 
unit. In addition, FIG. 18A is an illustration of a first packet 
generation unit 901 and a second packet generation unit 902 inside 
30 the packet generation unit 403. FIG. 18B is an illustration 
concerning packet processing in a first packet receiver unit 903 and 
a second packet receiver unit 904 inside the packet receiver unit 
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405. 

[0122] As shown in FIG. 17, the packet transmitter and receiver 
unit 401e has the same configuration as the packet transmitter and 
receiver unit 401d in the fifth embodiment shown in FIG. 14 except 
5 that it has a DTCP information generation unit 1201 inside the AKE 
unit 402, an AKE command receiving processing unit 1202, an AKE 
command transmission processing unit 1203, an exchange key 
generation unit 1204, an encryption key generation unit 1205, an 
encryption key exchange information generation unit 1206 and a 
10 decryption key generation unit 1207. Thus, these new parts will be 
described below. 

[0123] This packet transmitter and receiver unit 401e performs 
transmission of encrypted contents according to the DTCP method in 
the following steps as shown in the flow chart of FIG. 19. 

is (Step Sll) Copy control information is inputted to the DTCP 

information generation unit 1201. 

(Step S12) First, the source side is caused to make a 
transmission request of contents, and protection mode information 
(EMI information) of the contents is outputted to the first packet 

20 generation unit 901 by the DTCP information generation unit 1201. 
Packets of the contents are generated by the packet generation unit 
901, and the packets are transmitted to the sink. 

(Step S13) Subsequently, when the copy protection 
information of the contents is inputted to the AKE command 

25 receiving processing unit 1202 by the first packet receiver unit 903, 
in the receiver side (sink), the AKE command receiving processing 
unit 1202 analyzes the copy protection information, determines an 
authentication method to be used from among the full 
authentication or restricted authentication, and it transmits the 

30 authentication request through the AKE command transmission 
processing unit 120. 

(Step S14) The processing predetermined in DTCP is 
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performed between the source and the sink, and an authentication 
key is shared. 

(Step S15) Next, in the source, the AKE transmission 
processing unit 1203 encrypts an exchange key using the 
5 authentication key, and transmits it to the sink via the first packet 
generation unit 901. In the sink, the exchange key is decrypted in 
the exchange key generation unit 1204 according to the information 
provided by the AKE command receiving processing unit 1202. 

(Step S16) In the source, in order to change the encryption 
10 key temporally, seed information (O/E) which changes temporally is 
generated in the encryption key generation unit 1205, and it is 
transmitted to the sink via the DTCP information generation unit 
1201 and the first packet generation unit 901. 

(Step S17) In the source, an encryption key is generated 
15 using the exchange key and the seed information in the encryption 
key generation unit 1205, and the MPEG-TS is encrypted in the 
encrypted data generation unit 406 and outputted to the second 
packet generation unit 902. 

(Step S18) In the sink, the encryption key exchange 
20 information generation unit 1206 receives seed information from the 
first packet receiver unit 903, and the decryption key generation 
unit 1207 restores a decryption key using this seed information and 
the information of the exchange key generation unit 1204. 

(Step S19) In the encrypted data decryption unit 407 in the 
25 sink, the encrypted MPEG-TS signal is decrypted using this 
decryption key. 

[0124] As shown in FIG. 18A, in the first packet generation unit 
901, inputted data is subjected to the processings by RTCP or RTSP, 
TCP or UDP and further IP, and outputted. Note that, RTCP 
30 (rfcl889) makes it also possible to transmit a real bandwidth of a 
network, delay time and the like from a receiver device to a 
transmitter device. It enables the transmitter device to adjust the 
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quality of data to be transmitted in accordance with a reported 
communication state using RTP and transmit the data. In addition, 
RTSP (rfc2326) makes it possible to transmit control commands 
such as playback, pause, fast forwarding and the like, and to 
5 playback contents while downloading the data from an AV file. In 
addition, in the second packet generation unit 902, the inputted 
data is subjected to the processings by RTP, UDP and IP, and the IP 
packets are outputted. 

[0125] On the other hand, as shown in FIG. 18B, in the first 
10 packet receiver unit 903, the received data are subjected to IP 
receiving processing, TCP or UDP receiving processing, and further 
RTCP or RTSP receiving processing such as filtering, and outputted. 
In addition in the second packet receiver unit 904, the received data 
is subjected to IP receiving processing, UDP receiving processing 
15 and further RTP receiving processing such as filtering, and 
outputted. 

[0126] In this way, encryption of an MPEG-TS singal between the 
packet transmitter and receiver apparatuses using the DTCP method 
makes it possible to perform real-time transmission of the packets. 

20 Further, since the second packet generation unit 902 is configured to 
be hardware, no left packet to be transmitted and unreceived packet 
is generated inherently stemming from software processing. In 
addition, the first packet generation unit 901 with a small data 
amount can be processed by an inexpensive processor such as a 

25 microcomputer. 

[0127] Consequently, a second variation in this embodiment will 
be described. The basic configuration of the packet transmitter and 
receiver unit concerning this variation is the same as the first 
variation shown in FIG. 17. Note that, as shown in FIG. 20, the 

30 packet generation unit 403a (to be more precise, it is a packet 
generation unit 902a) and the packet receiver unit 405a (to be more 
precise, it is a packet receiver unit 904a) are different from the 
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configuration in the first variation. In other words, as shown in FIG. 
20, the packet transmitter and receiver unit has the same 
configuration as the first variation shown in FIG. 18 except that it 
has the second packet generation unit 902a of FIG. 20A and the 
5 second packet receiver unit 904a of FIG. 20B. Hence, the new 
parts will be described below. 

[0128] The second packet generation unit 902a locally performs 
error correction processing of input data, and performs processing 
by RTP, UDP, and IP, and outputs IP packets of the input data. 
10 [0129] In addition, the second packet receiver unit 904a locally 
performs IP receiving processing, UDP receiving processing and RTP 
receiving processing such as filtering, and further error correction 
decryption processing, and outputs the data subjected to error 
correction. 

15 [0130] FIG. 21 is an illustration of the protocol stack in the 
second variation. At the transmitter side, an error correctrion code 
(ECC encode) is added to the AV data, and the AV data is passed to 
UDP. In addition, at the receiver side, the data is received by the 
UDP processing, and subjected to error correction, and then passed 

20 to the upper layer as the AV data. 

[0131] Here, an example of error correction processing will be 
described with reference to FIG. 22 and FIG. 23. FIG. 22 is an 
illustration of the correction processing in the case where the error 
correction scheme is the Reed-Solomon scheme. FIG. 23 is an 

25 illustaration of the correction processing in the case where the error 
correction scheme is the Parity scheme. An MPEG-TS is inputted to 
an error correction interleave matrix on a two-unit basis. Note that 
two-byte sequence numbers are used for each line. Subsequently, 
as shown in FIGS. 22 and 23, for example, the earlier-mentioned 

30 10-byte DTCP information (4-bit EMI information, 64-bit seed 
information and other 12 bits) is used, and further an RTP header, a 
UDP header, an IP header, and an Ethernet (registered trademark) 
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header are added so as to configure an Ethernet (registered 
trademark) frame. 

[0132] In this way, an MPEG-TS signal is encrypted between the 
packet transmitter and receiver apparatuses using the DTCP sheme 
5 and further an error correction code is added. This makes it 
possible to perform real-time transmission of the MPEG-TS signal. 
Further, since the second packet generation unit 902 is configured to 
be hardware, no left packet to be transmitted and unreceived packet 
is generated inherently stemming from software processing. In 
10 addition, the first packet generation unit 901 with a small data 
amount can be processed by an inexpensive processor such as a 
microcomputer. 

[0133] (Sixth Embodiment) 

15 Next, a sixth embodiment of the present invention will be 

described. FIG. 24 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 401f in this embodiment. In 
FIG. 24, the packet transmitter and receiver unit 401f has the same 
configuration as the packet transmitter and receiver unit 401e 

20 shown in FIG. 17 except that it has a packet generation unit 403b (to 
be more precise, it is a second packet generation unit 902b) and a 
packet receiver unit 405b (to be more precise, it is a second packet 
receiver unit 904b). Hence, the new parts will be described below. 
[0134] FIG. 25 is an illustration of a protocol stack in this 

25 embodiment. At the transmitter side, an error correction code 
(ECC encode) is added to the AV data. There is a case where the AV 
data is passed to UDP, and a case where it is passed to TCP via HTTP. 
Here, whether the AV data is passed to RTP or HTTP is controlled by 
the receiver side. It performs switching control of RTP and HTTP. 

30 For example, in generation of packets of AV data, RTP which 
provides a small delay is used in the case where the AV data output 
of the receiver side is outputted to the display, and HTTP which 
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reduces the number of packet losses by re-transmission is used in 
the case where the AV data output of the receiver side is stored in 
the recording medium. In this way, in the case of outputting it to 
the display at the receiver side by switching control, it becomes 
5 possible to transmit AV contents at low delay. In addition, in the 
case of storing it at the receiver side, it becomes possible to 
transmit the AV contents which has become high-quality through the 
compensation of signal losses due to packet losses. Note that, in 
FIG. 25, the protocol processing at the receiver side is performed by 

10 performing the procedures at the transmitter side inversely. 

[0135] Here, FIG. 26 shows a block diagram showing the 
configuration of a packet transmitter and receiver unit 401g in a first 
variation of this embodiment. FIG. 27 shows a block diagram 
showing the configuration of a packet transmitter and receiver unit 

15 401h in a second variation of this embodiment. A receiving 
function or a transmitting function of AV contents such as an 
MPEG-TS is omitted from the configurations of them, but others are 
the same as the configuration of the packet transmitter and receiver 
unit 401f in this embodiment. The packet transmitter and receiver 

20 unit 401g and the packet transmitter and receiver unit 401h like this 
can be applied to an apparatus for transmitting or receiving only, 
and the cost can be reduced. 

[0136] (Seventh Embodiment) 

25 Next, a seventh embodiment of the present invention will be 

described. FIG. 28 is a block diagram showing the configuration of 
a packet transmitter and receiver unit 2401 in this embodiment. 
This packet transmitter and receiver unit 2401 is intended for 
pefroming encryption of inputted AV contents according to 

30 transmitting conditions included in the related meta information, 
addition of the related meta information, and generation of packets 
of the AV contents. It is composed of a TS stream identification 
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unit 2402, a transmitting condition setting management unit 2403, 
a Digital Rights Management (DRM) setting management unit 2404, 
an AKE unit 2405, a packet generation unit 2406, a transmission 
queue control unit 2407, a frame generation unit 2408, a frame 
5 receiver unit 2409, a packet receiver unit 2410, a DRM content 
purchase settlement unit 2411, a content buffer 2413, an encryption 
unit 2414, an encryption information header addition unit 2415, an 
HTTP/RTP header addition unit 2416, a condition setting unit 2417, 
and a decryption unit 2418. 

io [0137] Here, input terminal information indicating a terminal to 
which AV data to be transmitted is inputted, and AV data information 
including data format information indicating the data format of the 
AV data and attribute information indicating the attribute of the AV 
data are inputted into the transmitting condition setting 

15 management unit 2403. More specifically, the information include: 
transmission information such as a format type, a transmission 
destination address and a port number of the data to be 
transmitted; setting information of transmitting conditions such as 
information of a path used in the transmission (routing intormation), 

20 the bandwidth of the data to be transmitted, the transmission 
conditions such as the transmission priority of the data to be 
transmitted; management control data of apparatuses in the 
transmitter unit (local) and the receiver unit (remote); and data for 
providing the receiver side with a feedback of a receiving status. 

25 [0138] Concerning a selection of contents, URI information 
extended by Query is provided for each contents stored in a storage 
medium or each broadcasting channel. Here, as to the URI, URI 
information of the contents is mapped onto the principal data part 
and the authentication information of the contents is mapped onto 

30 the Query part. In this way, it is possible to set modes so that no 
authentication is necessary for transmitting contents provided by 
the URI information with no Query part and authentication is 
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necessary for transmitting contents provided by the URI information 
with a Query part. An example of URI and a Query can be provided 
in the following format. 

[0139] < service > ://<host> : <port>/< path >/< filename > . 

5 <ext>? AKEPORT=<port2> 

Here, "<host> :< port >/< path >/<filename> . <ext> 
represents the URI of the AV contents and the file name, and 
"<port2> " of the following Query part represents the port number 
for authentication. Here, in general, in the case where an 

10 authentication server serves also as a content providing server, the 
IP address of the port for authentication is the same as the IP 
address of the AV contents. However, in the case where an 
authentication server is different from a content providing server, 
the IP address of the port for authentication is different from the IP 

15 address of the AV contents. The transmitter side provides the 
receiver side with these units of execution mode information for 
authentication by the URI and the Query. The receiver side can 
receive the URI and the Query information using a Web brouser or 
the CDS of a UPnP-AV, and determine an authentication mode. 

20 [0140] In addition, the DRM setting management unit 2404 
receives DRM setting information (charge information, playback 
control information, or copy control information) from a 
transmitting condition setting management unit 2403 or a TS 
stream identification unit 2402, holdes and manages the 

25 information, and passes related information which is necessary for 
authentication and key exchange to the AKE unit 2405. More 
specifically, the DRM setting management unit 2404 generates at 
least one of charge information, copy control information, valid 
period information and valid playback times information for 

30 performing playback control, output control and copy control of the 
AV data. The information is generated based on the DRM setting 
information to be passed from the transmitting condition setting 



-53- 



> 



management unit 2403 and the like. It passes the generated 
information to the AKE unit 2405 as the authentication information. 
Here, "DRM" is digital copyright management. In the case where 
this DRM setting management unit 2404 judges that DRM charging 
5 and purchase processing is necessary for transmitting the contents, 
the DRM content purchase settlement unit 2411 performs purchase 
processing of the contents. After the content purchase processing 
is finished, the DRM content purchase settlement unit 2411 sets the 
copy control information (CCI) of the contents, and passes it to the 
10 AKE unit 2405. Note that the AKE unit 2405 includes an 
authentication unit which performs authentication processing, and 
an encryption key exchange unit which exchanges an encryption key 
with the receiver side. 

[0141] When AKE setting information is inputted to the AKE unit 

15 2405, the information related to this AKE setting information such 
as copy protection information and encryption key update 
information are inputted to the packet generation unit 2406. A 
TCP/IP header is added in the packet generation unit 2406, and 
further a MAC header is added in the frame generation unit 2408 so 

20 as to be converted into an Ethernet (registered trademark) frame 
and outputted to a network as a frame to be transmitted. 
[0142] FIG. 29 is a flow chart showing a transmission procedure 
of encrypted contents according to the DTCP method in an 
implementation of the present invention. An example of a 

25 transmitting step of AV contents subjected to a copyright 
procetection according to the DTCP method will be described with 
reference to this flow chart. Here, the AV contents compliant with 
DRM represents copy control of digital broadcasting, the Right 
Management and Protection (RMP) method which is handled in 

30 server broadcasting (the ARIB standard and the STD-B38), or 
content protection information handled in various types of network 
DRMs. 
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[0143] Here, RMP is a specification developed for the purpose of 
copyright management of contents and privacy protection of users 
in a system proposed by the TV Anytime forum (http://www. 
tv-anytime . org/). In addition, the Rights Management & 
Protection Information (RMPI) is a description and definition of right 
information indicating content use conditions. Functions which can 
be described by RMPI include use conditions such as viewable times 
of contents by a user, copy availability and copy times. The RMPI is 
also encrypted and transmitted securely, and the contents protected 
by the RMPI can be viewed within the range of the described 
conditions. In the server broadcasting, there is a demand for 
preventing an unauthorized use or manipulation of a program of 
digital information which is stored in a storage device such as a hard 
disc inside a receiver and includes video with no deterioration. 
[0144] In addition, it becomes easy to edit and reconstruct a 
program using meta data such as a program name, a 
starting/ending time, program contents concerning a broadcast 
program to be transmitted along with the broadcast program and 
view the program. Therefore, a control mechanism concerning how 
a broadcast receiver plays back, transmits and views a received 
program is important. 

[0145] A right management protection like this is performed, 
and as an example, contents are encrypted using an encryption key 
of a scrambled broadcast which is updated on a second-by-second 
basis, stored as it is in a hard disc inside the receiver side, and the 
encryption of the contents is decrypted at the time of playing back 
and viewing the contents. In addition, a scramble key is encrypted 
using a content key to be provided on a program-by-program basis 
so as to also peform protection on a program-by-program basis. 
Encryption like this makes it possible to prevent unauthorized 
manipulation of a stored program, and makes it impossible to 
prevent a program from being viewed even in the case where the 
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program is copyed in an unauthorized manner because a content key 
is necessary for viewing it. A broadcasting station can control 
allowed period for viewing of even a program stored by a receiver by 
adding use conditions such as valid period to the earlier-mentioned 
5 content key. 

[0146] The use of playback control function like this makes it 
possible to develop a broadcast program into a licensing service or 
a charging service. For example, in the case of viewing contents 
which has expired, a broadcast receiver can request a license for 

10 viewing the program to a broadcasting station, and dobtain a 
content key with a new varid period through broadcast, a telephone 
circuit or the Internet so as to view the program. 

(Step S21) First, a receiver side selects desired contents in a 
content list provided by a UPnP-AV or a CDS from a transmitter side, 

15 and casts a transmission request of the content to the source side. 

(Step S22) Data including copy control information or DRM 
information is extracted from a TS stream identification unit 2402, 
and inputted to the AKE unit 2405 via the DRM setting management 
unit 2404. 

20 [0147] As DTCP information, protection mode information (EMI 
information) of contents is outputted from the AKE unit 2405 to the 
encryption information header addition unit 2415, and added as 
header information in the encryption information header addition 
unit 2415, and then inputted to the packet generation unit 2406. 

25 (Step S23) In the receiver side (sink), when copy protection 

information of contents is inputted from the packet receiver unit 
2410 to the AKE unit 2405 which performs AKE command receiving 
processing, the AKE unit 2405 analyzes the copy protection 
information, determines an authentication method to be used from 

30 among a full authentication and a restricted authentication, and 
transmits an authentication request to the source. 

(Step S24) A processing predetermined by the DTCP is 
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performed between the source and the sink, and an authentication 
key is shared. In this way, authentication by the AKE unit 2405 is 
performed. For example, authentication with the receiver side 
(sink) is performed based on input terminal information, data 
5 format information, attribute information, and authentication 
conditions to be generated based on charge information, copy 
control information, valid period information and valid playback 
times information. 

(Step S25) Next, the source encrypts an exchange key using 

10 the authentication key in the AKE unit 2405, transmits it to the sink 
via the packet generation unit 2406, and the exchange key is 
decrypted in the AKE unit of the sink. 

(Step S26) In the source, in order to change the encryption 
key temporally, seed information (O/E) which changes temporally is 

15 generated in the encryption key generation unit of the AKE unit 2405, 
and it is transmitted to the sink via the AKE unit 2405, the 
encryption information header addition unit 2415, and the HTTP/RTP 
header addition unit 2416. 

(Step S27) In the source, an encryption key is generated 

20 based on the exchange key and the seed information in the AKE unit 
2405 which generates an encryption key, encrypts an MPEG-TS in 
the encryption unit, and outputs it to the packet generation unit 
2406. 

(Step S28) The AKE unit 2405 which is inside the sink and 
25 generates encrypted key exchange information receives seed 
information from the packet receiver unit 2410, and restores a 
decryption key based on the seed information and the exchange key. 

(Step S29) In the sink, the decryption unit 2418 decrypts an 
intput of the encrypted MPEG-TS signal using this decryption key, 
30 and outputs it. 

[0148] Here will be described an operation in the case where 
here is DRM contents and the copy available times is N times (N is an 
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integer of 2 or more). 

[0149] First, in the case where the receiver terminal is copliant 
with the DRM, it sets the CCI indicating a transmission encryption 
status at Copy One Generation (COG), Copy No More (CNM) or Copy 
5 Never (CN), and transmit it. Here, as an embedded CCI encrypted 
and transmitted, "information of remaining copy available times" is 
transmitted as (N-l) times to the receiver side. The receiver side 
decrypts the encryption of it, and then the terminal compliant with 
the DRM sets the remaining copy available times as (N-l) times. 
10 [0150] In addition, in the case where the receiver terminal is not 
compliant with the DRM, it deletes the DRM information of contents 
and transmits the contents using the CCI of the NMC to the receiver 
side. 

[0151] The AKE unit 2405 inputs the encrypted header 

15 information to the encryption information header addition unit 2415. 
The encryption information header addition unit 2415 performs 
addition control of the encryption information header in the follwing 
manner. 

[0152] Note that as related information of AV data to be inputted 
20 in the transmitting condition setting management unit 2403 (in the 

case of broadcast or playback of stored contents), the followings are 

conceivable as an example. 

(Case 1) The case where the AV data is contents received by 

a broadcasting channel which broadcasts copy-free contents. As 
25 examples of broadcasting channels like this, for example, there are 

VHF and UHF analog broadcasting channels or BS analog 

broadcasting channels. 

(Case 2) The case where the AV data is contents received by 

a broadcasting channel which broadcasts contents other than 
30 copy-fee contents even in a predetermined period. As examples of 

broadcasting channels like this, for example, there are toll channels 

of BS digital broadcasting or toll channels of CATV broadcasting. 
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The copy control information of broadcasting channels which 
broadcast contents other than copy-free contents even in this 
predetermined period is characteristic in that Copy Never, Copy One 
Generation and Copy Free with an EPN flag are changed from 
5 moment to moment depending on broadcast contents. 

[0153] Here, reception of a broadcasting channel which 

broadcasts contents other than copy-free contents even in a 
predetermined period can be controlled to be performed in the case 
where a provider which distributes the broadcast authenticates a 

10 receiver apparatus or a receiving user as an authorized receiver 
apparatus or a receiving user in the authentication unit. As 
conceivable examples of this authentication are authentication by a 
security module such as a B-CAS card of digital satellite 
broadcasting in Japan or a POD card used in CATV broadcasting in 

15 the United States. 

[0154] In addition, addition control of encryption information 
headers is performed, for example, in the following manner. In 
other words, it is not performed in the case where a broadcasting 
channel which broadcasts copy-free contents is received. In 

20 addition, it is added in the case where a broadcasting channel which 
broadcasts contents other than copy-free contents even in a 
predetermined period is received. Further, it is added in the case 
where AV data is contents, having a Copy Free title, played back 
from the storage medium. Further, it is added in the case where AV 

25 data is contents, having a title other than the Copy Free title, played 
back from the storage medium. 

[0155] As described above, by performing addition control of 
encryption information headers, it is possible to succeed and 
transmit the copy control information (CCI) of AV contents which 
30 has been set by the copyright owner also in a network transmission. 
Further, that the transmitter side and the receiver side share a rule 
for addition control of encryption information headers makes it 
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possible to secure operation compatibility between different 
apparatuses. 

[0156] Here, the packet generation unit 2406 generates packets 
of inputted data and transmits them according to transmission 
5 parameters determined by the transmitting condition setting 
management unit 2403. 

[0157] The transmitting condition setting management unit 
2403 provides the transmission queue control unit 2407 with 
transmitting conditions such as: transmission information such as a 
10 transmission destination address or a port number; information of a 
path used in transmission (routing information); the bandwidth of 
data to be transmitted; transmission priority of the data to be 
transmitted. 

[0158] These data set headers and payload data to be generated 
15 by the packet generation unit 2406 and the frame generation unit 
2408 by the TCP/IP processing. 

[0159] At the receiver side, signals inputted via a network are 
filtered based on MAC headers by the frame receiver unit 2409, and 
inputted to the packet receiver unit 2410 as IP packets. The packet 

20 receiver unit 2410 performs filtering by identifying the IP packet 
headers or the like, and outputs the packets to the AKE unit 2405. 
In this way, the AKE unit of the transmitter side and the AKE unit of 
the receiver side are connected through a network, and thus 
messages are exchanged with each other through communication 

25 protocols. In other words, they can execute authentication and key 
exchange according to a procedure which is set by the AKE unit. 
[0160] Once authentication and key exchange are established 
between the transmitter side and the receiver side, encrypted AV 
data is transmitted. 

30 At the transmitter side, for example, in the case where an 

input signal is an MPEG full TS stream, it inputs the full TS stream 
into the TS stream identification unit 2402, and converts the full TS 
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stream into a partial TS stream. 

[0161] Subsequently, it transmits the converted partial TS 

stream to the content buffer 2413, and adjusts an encryption 
timing. 

5 [0162] It inputs the partial TS output of the content buffer 2413 
into the encryption unit 2414 and performs encryption, and adds 
AKE information such as the earlier-mentioned EMI and seed 
information (all of the bits of the seed information or a part of bits 
such as O/E) in the encryption information header addition unit 
10 2415. 

[0163] Further, it inputs these signals into the packet generation 
unit 2406, and adds TCP/IP headers to them using conditions 
provided by the transmission queue control unit 2407. In order to 
perform transmission priority control of packets, MAC headers are 

15 added using, for example, the 802.1 Q (VLAN) scheme in the frame 
generation unit 2408 so as to be converted into Ethernet (registered 
trademark) frames and outputted to a network as frames to be 
transmitted. Here, to set Priority (user priority) in the Tag Control 
Information (TCI) inside a MAC header high makes it possible to set 

20 the priority of the data with the MAC header in a network 
transmission higher than general data. 

[0164] At the receiver side, signals to be inputted via a network 
are filtered based on MAC headers by the frame receiver unit 2409, 
and inputted to the packet receiver unit 2410 as IP packets. The 

25 packet receiver unit 2410 performs filtering by identifying packet 
headers, outputs transmission-related data such as transmitting 
conditions to the condition setting unit 2417, outputs AKE-related 
data to the AKE unit 2405, and outputs AV contents to the 
decryption unit 2418. The decryption unit 2418 performs removal 

30 of encryption information headers and decryption of the contents, 
and outputs a decrypted MPEG-TS signal. 

[0165] Note that data for providing the transmitter side with a 
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feedback of a receiving status is inputted in the condition setting 
unit 2417, and a feedback of the information setting headers and 
payload data in the packet generation unit 2406 for IP packets and 
the frame generation unit 2408 for Ethernet (registered trademark) 
5 frames are provided to the transmitting condition setting 
management unit 2403. 

[0166] Next, a supplemental description of the above procedure 
will be provided using a protocol stack of FIG. 30. In the 
transmitter side of FIG. 30, the encrypted contents and content 

10 protection mode information to be provided from the DRM setting 
management unit 2404 are transmitted from the transmitter side to 
the receiver side first. The receiver side analyzes the content copy 
protection information, determines an authentication method, and 
transmits an authentication request to the packet transmitter 

15 apparatus. Next, it generates a random number, inputs this 
random number into a predetermined function, and generates an 
exchange key. It inputs information of the exchange key into a 
predetermined function, and generates an authentication key. The 
receiver side shares the authentication key according to a 

20 predetermined procedure. Note that, as for encryption information 
used here, it is transmitter side's unique information (the apparatus 
ID, the apparatus authentication information, the MAC address or 
the like), information generated as a combination of one or more of 
a secret key, a public key, information provided from outside, or the 

25 like. To use strong encryption method with a strong encryption 
strength such as the DES method and the AES method makes it 
possible to perform strong encryption. Subsequently, the 
transmitter side encrypts the exchange key using the authentication 
key and transmits it to the receiver side, and the receiver side 

30 decrypts the exchange key. In addition, it inputs the exchange key 
and initial key update information into a predetermined function, 
and generates an encryption key. In order to change the 
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encryption key temporally, it should be noted that the transmitter 
side generates key update information which changes temporally, 
and transmits it to the receiver side. An MPEG-TS which is the 
contents is encrypted using the encryption key. Subsequently, as 

5 AV data, the encrypted MPEG-TS is made into the payloads of TCP 
(or UDP) packets so as to generate TCP packets. Further, these TCP 
packets are used as the payloads of IP packets so as to generate IP 
packets. Further, these IP packets are used as the payloads of MAC 
frames so as to generate Ethernet (registered trademark) MAC 

10 frames. As such MACs, note that they can be applied to not only 
MACs by the IEEE 802.3 which is the Ethernet (registered 
trademark) but also MACs by the IEEE 802.11 which is a wireless 
LAN standard. 

[0167] By the way, these Ethernet (registered trademark) MAC 

15 frames are transmitted from the transmitter side to the receiver side 
on the Ethernet (registered trademark). The transmitter side 
generates a decryption key according to a predetermined procedure. 
Subsequently, IP packets are obtained by filtering the received 
Ethernet (registered trademark) MAC frames. Further, TCP (or UDP 

20 packets) are extracted from these IP packets. Subsequetly, AV 
data is extracted from these TCP (or UDP) packets. An MPEG-TS 
(contents) is decrypted using the decryption key restored based on 
the exchange key and the key exchange information, and the 
decrypted MPEG-TS is outputted. 

25 [0168] As described above, an AV stream such as an MPEG-TS 
signal is encrypted by the packet transmitter apparatus, and the IP 
packets are transmitted via a network. The packet receiver 
apparatus decrypts the IP packets into an original signal. 
[0169] Note that the transmission queue control unit 2407 has 

30 an AV data queue as a first queue and a general data queue as a 
second queue. 

[0170] As shown in FIG. 28, AKE setting information is inputted 
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to the AKE unit 2405. The followings are inputted to the packet 
generation unit 2406: information related to this AKE setting 
information (for example, copy protection information and 
encryption key update information), types of data to be transmitted, 
5 information of a transmission destination address and a port number, 
information of a path to be used in transmission (routing 
information), the bandwidth of the data to be transmitted, setting 
information of transmission conditions such as transmission priority 
of the data to be transmitted and the like, management control data 

10 of the apparatuses in the transmitter unit (local) and the receiver 
unit (remote), and the data for providing the transmitter side with a 
feedback of a receiving status. The information and data are 
subjected to TCP/IP processing performed in the packet generation 
unit 2406, and the packets are inputted into the first queue. 

15 [0171] In addition, in the transmitter side, an MPEG-TS signal is 
inputted to the encryption unit 2414, and encrypted. Subsequently, 
this encrypted MPEG-TS signal is inputted into the packet generation 
unit 2406. The signal is subjected to TCP/IP processing performed 
in the packet generation unit 2406, and the packets are outputted to 

20 the AV data queue. 

[0172] In the case where there are data in a first queue and a 
second queue, the transmission queue control unit 2407 performs 
output priority control of these data. In a normal state, it performs 
output control giving a higher priority to contents data such as an 

25 MPEG-TS and lower priority to general data. For example, it 
adaptively further increases the priority of the second queue so that 
MPEG-TS data are outputted preferentially, in the case where an 
MPEG-TS is transmitted between packet transmitter and receiver 
apparatuses at a low latency (low delay), a buffer for MPEG-TSs is 

30 become smaller, and thus the buffer tends to overflow. In the case 
where the buffer for MPEG-TSs in the transmitter side is about to 
overflow, or in the case where it is found that the buffer for 
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MPEG-TSs in the receiver side is about to underflow by referring to 
a feedback information provided from the receiver side. This 
makes it possible to prevent these buffer failures from occurring. 
[0173] It is good to give higher priority adaptively to the first 
5 queue in order to increase speed of apparatus control response such 
as playback and pause of the receiver side apparatus (remote 
apparatus), however, it should be noted that this may cause the 
earlier-mentioned buffers for MPEG-TSs to overflow or underflow. 
[0174] It is possible to realize a fast control response by 

10 outputting only packets for apparatus control directly to the frame 
generation unit without passing any queue, as a method of 
preventing the buffers from overflowing and underflowing and 
increasing the speed of apparatus control response such as playback 
and pause of the receiver side apparatus (remote apparatus). 

15 Otherwise, it is possible to realize a fast control response according 
to a method of newly preparing a third queue for the packets for 
apparatus control. 

[0175] In addition, AKE setting information is inputted to the 
AKE unit 2405 of FIG. 28. The followings are inputted to the packet 

20 generation unit 2406: information related to this AKE setting 
information (for example, copy protection information and 
encryption key update information), types of data to be transmitted, 
information of a transmission destination address and a port number, 
information of a path to be used in transmission (routing 

25 information), the bandwidth of the data to be transmitted, setting 
information of transmission conditions such as transmission priority 
of the data to be transmitted and the like, management control data 
of the apparatuses in the transmitter unit (local) and the receiver 
unit (remote), and the data for providing the transmitter side with a 

30 feedback of a receiving status. The data is subjected to TCP/IP 
processing by local software processing where a processor is used, 
and the packets are inputted into a general data queue. 
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[0176] In the transmitter side, an MPEG-TS signal is inputted to 
the encryption unit 2414, and encrypted. Subsequently, this 
encrypted MPEG-TS signal is inputted to the packet generation unit 
2406, subjected to UDP/IP processing by local hardware processing, 
5 and inputted to the AV data queue. 

[0177] In the case where there are both an AV data queue which 
is the first queue and a general data queue which is the second 
queue, the transmission queue control unit 2407 performs priority 
control concerning data output from these two queues in a smilar 

10 manner to the seventh embodiment. 

[0178] By the way, in the receiver side, signals inputted via a 
network are filtered based on MAC headers in the frame receiver unit 
2409 so as to obtain IP packets. Here, the IP packets outputted by 
the packet generation unit 2406 of the source are inputted to the 

15 packet receiver unit 2410 of the sink. These pakcets received in 
the general data queue are subjected to TCP/IP receiving processing 
by software processing where a processor is used, and outputted to 
the AKE unit 2405 or the condition setting unit 2417. In addition, 
the packets received in the AV data queue are subjected to UDP/IP 

20 receiving processing by hardware processing. The encrypted AV 
data are inputted to the decryption unit 2418 so as to be decrypted, 
and then outputted as an MPEG-TS. 

[0179] For example, note that it is possible to generate other 
packets for exclusive use and transmit them, as a method of 

25 transmitting EMI and seed information from the transmitter side to 
the receiver side. This makes it further difficult to perform 
restoration of an encryption key, and thus it makes it further difficult 
to perform bugging and leakage of the contents. It is possible to 
futher make it difficult to perform bugging and leakage of the 

30 contents by changing encryption parameters of AV data to be 
transmitted in real time in a public net such as the Internet or 
transmitting these parameters in a separate packet. As for 
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management control data, they are made into TCP packets by 
software processing, and the TCP packets are made into the IP 
packets. 

[0180] In addition, the AKE unit 2405 has an authentication 
execution mode for executing authentication between the 
transmitter side and the receiver side, and an authentication 
nonexecution mode for not executing authentication. The 
encryption unit 2414 performs addition of encryption information 
headers based on protection mode information of contents to be 
provided by the DRM setting management unit 2404, irrespective of 
whether the AKE unit 2405 is in an authentication execution mode or 
in an authentication nonexecution mode. 

[0181] By the way, the Ethernet (registered trademark) MAC 
frames are transmitted from the transmitter side to the receiver side 
on the Ethernet (registered trademark). The receiver side 
generates a decryption key according to a predetermined procedure. 
Subsequently, IP packets are obtained by filtering the received 
Ethernet (registered trademark) MAC frames. Further, UDP 
packets are extracted from these IP packets, and AV data are 
extracted from the UDP packets. An MPEG-TS (contents) is 
decrypted using a decryption key Kc restored based on the exchange 
key and seed information, and outputted. 

[0182] As described above, it becomes possible to encrypt an 
MPEG-TS signal and transmit it in real time between the packet 
transmitter apparatus and the packet receiver apparatus, and the 
second packet generation unit is configured to be hardware. 
Therefore, left packets to be transmitted and unreceived packets 
which inherently stem from software processing are not generated. 
In this way, all the priority data packets are completely transmitted. 
Thus, it becomes possible to transmit a high-quality video with 
guaranteed real-timeliness. In addition, general data are 
temporarily stored in a buffer unit, and intermittently transmitted 
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while priority data transmission is preferentially performed. In 
addition, the first packet generation unit with a small data amount 
can be processed by an inexpensive processor such as a 
microcomputer. 

5 [0183] Further, it is possible to receive Ethernet (registered 
trademark) frames by hardware processing even in the receiving 
processing and examine IP headers in the third layer and UDP 
headers in the fourth layer at the same time. It is possible to 
receive a high-quality video with guaranteed real-timeliness 

10 because no unreceived frames are generated by separating the 
MPEG-TS packets from general data packets and performing 
processing of these MPEG-TS packets by hardware processing. 
[0184] It is possible to perform transmission control on a 
clock-by-clock basis by controlling the packet transmission timings 

15 or the data transmission ratio from these two transmission data 
queues not by software but by hardware. In this way, all the 
priority packets are completely transmitted, and thus it becomes 
possible to transmit a high-quality video with guaranteed 
real-timeliness. In addition, output packets shaping is also 

20 performed finely on a clock-by-clock basis. Therefore, it becomes 
possible to perform a high-quality communication with a low 
occurrence probability of packets discarding in the first-stage router 
or a switching hub. 

[0185] In this way, an MPEG-TS signal is encrypted using the 
25 DTCP method and transmitted in real time between the packet 

transmitter apparatus and the packet receiver apparatus, and the 

second packet generation unit is configured to be hardware. 

Therefore, left packets to be transmitted and unreceived packets 

which inherently stem from software processing are not generated. 
30 In addition, the first packet generation unit with a small data 

amount can be processed by an inexpensive processor such as a 

microcomputer. 
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[0186] Note that the packet transmitter and receiver unit 2401 
may notify the packet receiver apparatus of data format information, 
attribute information, and the control authentication information 
which is composed of at least one of charge information, copy 
5 control information, valid period information and valid playback 
times information, as a program list, by URI information specifying 
the access positions of AV data or URI information extended by a 
Query on a program-by-program basis. 

[0187] Likewise, on receiving a transmission request of the 
10 program list from the receiver side (sink), the packet transmitter 
and receiver unit 2401 may notify the packet receiver apparatus of 
data format information, attribute information, and the control 
authentication information which is composed of at least one of 
charge information, copy control information, valid period 
is information and valid playback times information, by URI 
information specifying the access positions of AV data on a 
program-by-program basis or URI information extended by a Query, 
as a program list. 

[0188] Further, in the case where the copy control information of 
20 each program of the AV data indicates that no copy control is 
performed, the packet transmitter and receiver unit 2401 may 
generate two types of MIME-Type which are a first MIME-Type 
indicating data format information of the AV data and a second 
MIME-Type indicating data format information of the AV data with 
25 intermittently added encryption information headers, and may 
present these two extended URI information specifying the access 
positions in the AV data on a program-by-program basis to the 
packet receiver apparatus. It is possible to generate a logical 
description of each unit program (corresponding to "item" of AV 
30 data) as a resource, using "res" defined in the Universal Plug and 
Play (UPnP). For example, in the case of using a Content Directory 
Service (CDS) of the UPnP, the receiver side (client) can browse and 
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search a unit program of a particular AV data as an item belonging to 
a Container mapped onto a logical directory structure inside the 
transmitter side (server). Here, as "res" representation to these 
two MIME-Types, it is possible to identify "res" as an available 

5 resource by, for example, inserting each MIME-Type into a third field 
of "protocollnfo" which is the attribute of the "res". 
[0189] URI information representing a content position is used 
for specifying the URI of the "res" in the Universal Plug and Play 
(UPnP). Contents are identified by inserting these two MIME-Types 

10 into the third field of "protocollnfo" which is the attribute of the 
"res". 

[0190] For example, to insert a different MIME-Type into a third 
field in <res protocolInfo= "first field" : "secod field" : "third field": 
"fourth field">" URI of res"</res> makes it possible to identify "res" 
15 which is a content resource even in the case where the other fields 
are the same. 

[0191] As definitions of protocollnfo in the UPnP-AV, note that 
"first field" relates to a transmission protocol, "second field" relates 
to a network, "third field" relates to a content format, and "fourth 

20 field" relates to additional information. 

[0192] For example, in the case where "first field" is "http-get", 
the "second field" is "*", the "third field" is "MIME-Type", and the 
"fourth field" is "additional information". In addition, in the case 
where "first field" is "rtp", the followings can be used: "*" as the 

25 "second field", "payload type of RTP" as the "third field", and 
"additional information" as the "fourth field". 

[0193] In the case where transmission control where 

protocollnfo is used, to determine a new specification regarding the 
fourth field as "additional information" makes it possible to realize 
30 more detailed transmission control. 

[0194] In addition, in the case of transmitting packets in 
multicast transmission, the packet transmitter and receiver unit 
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2401 may output both signals represented by these two "res", that 
is, packets with added encryption information headers and packets 
without such headers. In this case, the transmitter side adaptively 
select "res" to be received. 

5 

[0195] (Eighth Embodiment) 

Next, an eighth embodiment of the present invention will be 
described. The configuration of a packet transmitter and receiver 
unit is basically the same as the one in the seventh embodiment 
10 shown in FIG. 28. The same parts as the ones in the seventh 
embodiment will not be described, and only the different parts will 
be described below. 

[0196] In this embodiment, a transmission protocol is set so that 
contents which is being live-broadcast in the seventh embodiment is 

15 transmitted using the HTTP chunk transmission scheme in the 
HTTP/RTP header addition unit 2416 and the packet generation unit 
2406. Note that the chunk transmission scheme is one of the 
transmission schemes defined by the HTTP, and it is defined as data 
transmission by transmission data chunk with a size determined 

20 between the receiver and the transmitter. 

[0197] In this way, it becomes unnecessary that the receiver 
side (client) calculates a header length or a transmission content 
length to be added in the encryption each time an HTTP request is 
made, while it conventionally needs to calculate one. Thus, the 

25 processing load of the receiver side can be reduced. In particular, 
it is possible to reduce the processing load of the transmitter side 
and the receiver side while live-broadcast is being received. 
[0198] As for the payload data length in HTTP, it is an integral 
multiple of an encryption information header and a TS which is the 

30 transmission payload to be encrypted, and the transmitter side can 
set a convenient value for it. In this chunk transmission, in the 
case where TCP connection is in a persistent connection mode (set at 
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Keep Alive in the case of the HTTP version 1.0, or set at Persistent 
connection in the case of the HTTP version 2,0), it becomes 
unnecessary to disconnect and establish the TCP connection 
frequently each time a TCP transaction is made while contents are 
5 being transmitted. Thus, it is possible to perform an efficient AV 
transmission. Hence, in the case where it is determined that a 
transmission protocol of AV data is TCP as a transmission protocol of 
the AV data, the packet transmitter and receiver unit can bring the 
TCP connection to a persistent connection mode, and thus it can 
10 realize an efficient and stable transmission of AV data. 

[0199] (Ninth Embodiment) 

Next, a ninth embodiment of the present invention will be 
described. FIG. 31 is a block diagram showing the configuration of 

15 a packet transmitter and receiver unit 2401a in this embodiment. 
This packet transmitter and receiver unit 2401a has a storage unit 
2701 in addition to the configuration of the packet transmitter and 
receiver unit 2401 of the seventh embodiment shown in FIG. 28. 
The same parts as the ones in the seventh embodiment will not be 

20 described, and only the different parts will be described below. 

[0200] This packet transmitter and receiver unit 2401a has a 
storage unit 2701 connected to a TS stream identification unit 2402. 
Here, the storage unit 2701 is a hard disc or an optical disc. In this 
embodiment, the packet transmitter and receiver unit 2401a 

25 transmits MPEG-TS data stroed in the hard disc or the optical disc 
using a range request of HTTP. 

[0201] This range request is a file including I-frame position 
information in a file which is paired with an MPEG-TS file stored in 
the storage unit 2701. An example is a so-called IFO file in the 
30 DVD-VR method. It is possible to realize trick playback such as fast 
forwarding, rewinding and slow playback by using a file with the 
I-frame position information which is equivalent to this IFO file in an 
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efficient and easy manner. 

[0202] As an applicable range of input data used in the present 
invention, it becomes possible to transmit AV contents compliant 
with server broadcasting or general DRMs such as different DRM 
schemes of manufactures, using DTCP-IP. 

[0203] Note that it is possible to transmit AV data by switching 
transmission by HTTP and transmission by RTP. At this time, as for 
the transmission by HTTP, it can also be realized by performing 
chunk transmission in the case where an output from the source is a 
reception signal of live broadcast, a switching signal of reception 
channels, or a reproduction signal at the time of selecting a stored 
program, or by performing playback switching using the range 
request in the case where an output from the source is a 
reproduction signal from a program played back from a storage 
medium after the program selection. 

[0204] (Tenth Embodiment) 

Next, a tenth embodiment of the present invention will be 
described. FIG. 32 is a block diagram showing the configuration of 
20 a packet transmitter and receiver unit 2401b in this embodiment. 
This packet transmitter and receiver unit 2401b has an I-frame 
position information generation unit 2801 in addition to the 
configuration of the packet transmitter and receiver unit 2401a of 
the ninth embodiment shown in FIG. 31. The same parts as the 
25 ones in the ninth embodiment will not be described and only the 
different parts will be described below. 

[0205] In the case of contents with different storage formats 
stored in a hard disc or an optical disc, the client (sink) has to 
understand files storing I-frame position data of all the different 
30 contents in the storage unit 2701. When the number of formats 
becomes great, a heavy load is placed on the transmitter side. 
Therefore, in this embodiment, the transmitter side generates 



-73 - 



common I-frame position information, based on different I-frame 
position information, using a common I-frame position information 
generation unit 2801. In this way, it is possible to realize trick 
playback such as fast forwarding, rewinding and slow playback 
5 easily even in the case of different storage formats such as an HDD 
storage format, a DVD-VR method, and a BD method of 
manufactures. 

[0206] In this packet generation, HTTP receives a range request 
from the receiver unit or a data obtainment command, and transmits 

io payload data including at least one of the AV data and the encryption 
mode information. In the case where the AV data in the transmitter 
side is MPEG, this range request or data obtainment command is 
executed referring to at least one of continuity information 
indicating an occurrence of discontinuity in the MPEG stream, 

15 position information of an I-picture, P-pictures, and B pictures of the 
MPEG stream in the AV data file, the respective numbers of 
P-picrures and B pictures or the total number of P-pictures and B 
pictures which exist between an I-picture and the next I-picture. 
Here, continuity information indicating an occurrence of 

20 discontinuity in the MPEG stream can be generated based on the DIT 
information described in the ARIB standard, the ARIB-TR-B14 or the 
second part of the ARIB-TR-B14. In the case of an MPEG partial TS, 
a discontinuity point of this stream is an occurence point of 
discontinuity in a system time base of an MPEG-TS stream, for 

25 example, an occurrence point of discontinuity in PCRs or an 

occurrence point of discontinuity in "continuity counter" of a 

transport packet header of a packet which constitutes a partial TS. 
[0207] In addition, as for position information of MPEG 

I-pictures, P-pictures or B-pictures in an AV data file, I-picture, 

30 P-picture or B-picture's common position information which is 
common in different formats are generated based on position 
information of I-pictures, P-pictures or B-pictures which are 
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originally included even in the case where the AV data have different 
formats and time information of the MPEG I-pictures, P-pictures or 
B-pictures. This common position information of I-pictures, 
P-pictures or B-pictures are used as reference information of 
5 position information and time information of MPEG I-pictures, 
P-pictures or B-pictures in the AV data file. In this way, there is a 
great merit that a remote terminal can directly access a specific 
picture, based on common position information or time information 
of I-pictures, P-pictures or B-pictures, for example, even in the case 

10 of an MPEG-TS file stored in a different format. 

[0208] For example, as an example shown in FIG. 33, "picture 
infomraiton file" having integrated continuity and position 
information of I-pictures, P-pictures or B-pictures, and the like are 
read out from an HDD or a BD disc storing a partial TS. The 

15 terminal which exists in a remote place can refer to each picture 
position finely by referring to this integrated picture information file, 
based on byte positions and time information (timestamp) through a 
network, even in the case of a different TS storage format. 
[0209] In FIG. 33, "discont" is a 1-bit flag indicating a 

20 discontinuity point in a partial TS. For example, a TS is continuous 
when the value indicates "0", and a TS is discontinuous when the 
value shows "1". In addition, "IPB flag" is a 2-bit identification flag 
indicating an I-picture, a P-picture or a B-picture. A value "00" 
indicates an I-picture, a value "01" indicates a P-picture, and a value 

25 "10" indicates a B-picture. Here, it is necessary to describe the 
"IPB flag" in the case of an I picture, but it is not always necessary 
to describe the "IPB flag" in the case of a P picture or a B picture. In 
addition, byte positions of an I-picture, P-pictures and B-pictures in 
a starting file is shown by "Byte_position" of 32 bits. Further, the 

30 total number of P-pictures and B-pictures which exist between an 

I-picture and the next I picture is indicated by "PB number" of 5 

bits. "Timestamp" is time information of I-pictures, P-pictures and 
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B-pictures. A timestamp value of a TS in a specific position such as 
the starting position of a TS sequence with a timestamp which 
constitutes each of the MPEG I-picture, P-picture or B-picture is 
converted into a 40-bit timestamp, and the timestamp is used. The 
5 definitions of the respective parameters and flag values are not 
limited to the above-mentioned combinations. 

[0210] As described above, with this embodiment, it is possible 
to realize trick playback such as slow playback or fast playback 
finely and beautifully. Note that it is possible to consider this 

10 picture information file as a filtering function which enables the 
remote terminal to view picture positions in the MPEG-TS file with a 
different storage format in the local terminal. In other words, it is 
possible to generate a common picture information file, based on 
the AV data file storing an MPEG-TS in a unique file format and the 

15 related-information file. 

[0211] In addition, with this embodiment, there provided an 
effect of making it possible to access an MPEG I-picture, P-picture or 
B-picture efficiently, even in the case of implementation by a 
transmitter and receiver apparatus which does not implement AKE 

20 or encryption processing of AV contents. 

[0212] Further, another function of the present invention will be 
described. In a content buffer 2413, an error correction code of the 
Reed-Solomon scheme or the like is added to an MPEG-TS signal, 
and the MPEG-TS signal is encrypted in an encryption unit 2414. In 

25 this way, the MPEG-TS signal is encrypted using the DTCP method 
between the packet transmitter and receiver apparatuses, and 
futher provided with an error correction code, and thus real-time 
transmission of the MPEG-TS signal becomes possible. Here, in the 
case where a packet generation unit for header addition and 

30 transmission processing of MPEG-TSs is configured to be hardware, 
left packets to be transmitted and unreceived packets which 
inherently stem from software processing are not generated. In 
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addition, packets of general data with small data amount can be 
processed by an inexpensive processor such as a microcomputer. 
[0213] In the case where packets are transmitted using a 
general communication network such as the IP network which does 

5 not guarantee the ordinality of packets, in the above-mentioned 
embodiment, packets may be provided with sequence numbers and 
transmitted, and the receiver side may guarantee the ordinality of 
the packets using the sequence numbers. The guarantee of 
ordinality can be performed in the fourth or the upper layers of the 

10 OSI model, that is, in RTP or video signal processing. 

[0214] In addition, it is possible to take a countermeasure 
because AV signal packets, which are subjected to hardware 
processing at the transmitter side and transmitted, are not 
fragmented through a network. In other words, it is good that the 

15 transmitter side checks in advance the maximum size (MTU) of a 
packet which is not fragmented in a communication network in the 
application-level processing, and transmits packets having a size 
below the maximum size. Otherwise, since the RFC standard 
defines that all terminals must handle IP packets having a size of 

20 576 bytes, IP packets having a size of 576 bytes or less are not 
fragmented by various network apparatuses such as routers. 
Consequently, it is good that- the transmitter side adjusts the packet 
size of an AV signal to be subjected to hardware processing at the 
transmitter side so that the sizes of these IP packets become 576 

25 bytes or less. Note that it is possible to process all the received 
fragmented packets as general packets on condition that AV signal 
packets to be subjected to hardware processing at the transmitter 
side are not fragmented. In addition, since a transmitter terminal 
has to fragment each packet with a size exceeding the maximum 

30 value of an IP packet of the Ethernet (registered trademark), it is a 
matter of course that the size of each packet has to be the maximum 
value or below in order to prevent priority packets to be fragmented. 
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[0215] In addition, in the case where there is little possibility 
that such fragmentation occurs in a communication network, 
fragment processing load of a receiver terminal may be reduced by 
setting a fragment prohibition flag at the IP header of each packet of 

5 an AV signal subjected to hardware processing at the transmitter 
side and transmitted, and by causing a router to discard the IP 
packet in the case where the router cannot help but to fragment the 
IP packet. While few packets are lost in this case, it is possible to 
guarantee a communication quality by means that the receiver side 

10 performs error correction or error modification. 

[0216] Further, the Ethernet (registered trademark) is taken as 
an example of a communication net protocol in the embodiment, but 
the present invention is not limited to this. 

[0217] In addition, an MPEG-TS is used as an example of video 

15 signal processing, but the present invention is not limited to this. 
As for an applicable range of input data used in the present invention, 
the range is from an MPEG-1/2/4 TS stream (ISO/IEC 13818) to 
every stream concerning video and audio including a stream 
standardized by DV (IEC 61834, IEC 61883), SMPTE 314M 

20 (DV-BASED), SMPTE 259M (SDI), SMPTE 305M (SDTI) and SMPTE 
292M (HD-SDI). A video or audio data rate is not limited to CBR 
(constant bit rate). Further, the present invention does not exclude 
any data as long as it is video or audio, or general real-time data or 
data to be transmitted and received preferentially. 

25 [0218] In addition, as an applicable range of intput data used in 
the present invention, it is applicable for data file transfer. In the 
case of file transfer, it is possible to realize transmission higher than 
real-time transmission under a certain condition, depending on 
processing capability of transmitter and receiver terminals and a 

30 propagation delay time between these transmitter and receiver 
terminals. 

[0219] In addition, as an applicable range of input data used in 
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the present invention, it becomes possible to transmit server 
broadcasting or manufacturers' general AV contents compliant with 
DRM such as the DRM scheme, using DTCP-IP. 

[0220] In addition, in the embodiment, the packet transmitter 
5 and receiver apparatus may transmit N programs composed of AV 
data by assigning the programs to N ports for UDP or TCP. Here, N 
is an integer of 2 or more. At this time, the respective N programs 
assigned to the respective N ports can represent the followings: a 
broadcast receiving tuner or a storage media device which is built in 

io a source, by a container format of the UPnP unit; the broadcast 
reception channel or the storage program, by an item format of the 
UPnP unit; presence positions of items (which become "res" as 
resources) by URIs; and a transmission protocol or attribute 
information by "res" representation using protocollnfor of UPnP. 

15 Thus, it is possible to realize a detailed transmission system such as 
simultaneous transmission of prural programs to plural clients. 
[0221] In addition, here is a case where broadcast is received 
and there are plural transmission streams, transmitted from a 
source to a sink, of N programs (res) assigned to the respective N 

20 ports in the transmitter side. Each stream is represented by a 
property format of UPnP. Any of the followings are included as the 
attribute of the property of a specific transmission stream: a tuner 
container type; a tuner ID of each tuner container type; a channel ID 
selected by the tuner; availability information as to 

25 sharing/preemption with/by other clients of a transmission stream; 
TCP or RTP port numbers used in the transport layer by which the 
stream is transmitted; a connection ID, of the UPnP-AV unit of the 
sink, which the ConnectionManager of the UPnP-AV unit of the sink 
sets as to an item-related logical connection to the 

30 ConnectionManager of the UPnP-AV unit of the source; and a 
connection ID, of the UPnP-AV unit of the source, which the 
ConnectionManager of the UPnP-AV unit of the source sets as to an 
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item-related logical connection to the ConnectionManager of the 
UPnP-AV unit of the sink. This enables the receiver side (client, 
sink) to determine whether there is space in a transmission stream 
or not, and determine the channel and the tuner which are selected 
5 by referring to the property and its attribute of the transmission 
stream, at the time of selecting a channel of a tuner inside the 
transmitter side (server, source). 

[0222] For example, as for a UPnP-AV container structure in the 
case where broadcast is received, a tuner container is placed below 

10 <root>. As a container type, a tuner container is assigned to each 
broadcasting system such as ground digital broadcasting, BS digital 
broadcasting, 110 CS digital broadcasting with a wide bandwidth. 
In this case, a channel of each broadcasting sytem is assigned as an 
item below each tuner container. The receiver side can recognize 

15 the transmitter side's tuner container and channel item inside the 
tuner container, using a search or browse command of the CDS of 
UPnP. The item as a channel has accompaniment information 
transmitted from a broadcasting station. 

[0223] Likewise, here is a case where a stored content is played 
20 back and there are plural transmission streams, transmitted from a 
source to a sink, of N programs assigned to the respective N ports in 
the transmitter side. Each stream is represented by a property 
format of UPnP. Any of the followings are included as the attribute 
of the property of a specific transmission stream : a container type of 
25 a storage media device, a storage media device ID of each container 
type of a storage media device, a program ID selected by the 
storage media device, availability information including sharing of a 
transmission stream, TCP or RTP port numbers used in the transport 
layer by which the stream is transmitted, a connection ID, of the 
30 UPnP-AV unit of the sink, which the ConnectionManager of the 
UPnP-AV unit of the sink sets as to an item-related logical 
connection to the ConnectionManager of the UPnP-AV unit of the 
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source; and a connection ID, of the UPnP-AV unit of the source, 
which the ConnectionManager of the UPnP-AV unit of the source sets 
as to an item-related logical connection to the ConnectionManager 
of the UPnP-AV unit of the sink. This enables the sink to determine 
whether there is space in a transmission stream or not, and 
determine the program and the storage media device which are 
selected by referring to the property and its attribute of the 
transmission stream, at the time of selecting a program of a storage 
media device inside the source. 

[0224] For example, as for a UPnP-AV container structure in the 
case where a storage and recording device is a hard disc drive (HDD), 
a DVD-RAM drive, and a BD drive, containers for them are placed 
below <root>. As a container type, a container is assigned to each 
device such as an HDD, a DVD-RAM drive, and a BD drive. In this 
case, a storage and recording content is assigned as an item below 
each container on a program-by-program basis. This enables the 
receiver side to recognize the storage and recording device 
container of the transmitter side and the storage and recording 
contents inside the storage and recording device container, using a 
search or browse command of the CDS of UPnP. The strored and 
recorded item has accompaniment information provided when 
recorded. 

[0225] In addition, in the case where the client receives and 
stores an item belonging to a broadcasting container of the 
transmitter server, it generates property of each broadcasting 
system using the attribute (An attribute is intended for 
distinguishing a broadcasting system such as ground digital 
broadcasting, BS digital broadcasting, and 110 CS digital 
broadcasting with a wide bandwidth.) of a tuner container of each 
broadcasting system, and stores the property as the property of the 
generated item stored and recorded in a storage and recording 
device. In this way, it is possible to identify contents and the 
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broadcastying system from which the contents has been broadcast, 
by viewing the property of the item played back from a storage and 
recording device, even in the case where a container for each 
broadcasting system is not prepared in the storage and recording 
5 device. 

[0226] As described above, the client which newly performs a 
server connection can grasp a use status of the server, and performs 
selection and transmission of contents in a further efficient manner, 
irrespective of whether broadcast is received or storage contents 

10 are played back. 

[0227] Note that the UPnP-AV unit is logically associated with a 
transport unit which uses HTTP or RTP which requires TCP or UDP, 
based on a logical pair of "TCP or UDP port numbers used in the 
transport layer by which a stream is transmitted" and "a connection 

15 ID, of the UPnP-AV unit of the sink, which the ConnectionManager of 
the UPnP-AV unit of the sink sets as to an item-related logical 
connection to the ConnectionManager of the UPnP-AV unit of the 
source; and a connection ID, of the UPnP-AV unit of the source, 
which the ConnectionManager of the UPnP-AV unit of the source sets 

20 as to an item-related logical connection to the ConnectionManager 
of the UPnP-AV unit of the sink". This makes it possible to logiacally 
associate the UPnP-AV layer which uses the CDS or the Connection 
Manager Service (CMS) with the transport layer which uses 
HTTP/TCP/IP one-to-one. Therefore, it becomes possible to realize 

25 transmission control such as content establishment, content 
selection, content transmission, disconnection, management of 
existing connection. In addition, it is possible to associate the 
transmission control unit by HTTP with the UPnP-AV unit one-to-one, 
by describing connectionID of the UPnP-AV unit in the extension 

30 field of a message header of a request message of HTTP or in the 
extension field of a message header of a resonse message of the 
HTTP. 



-82- 



Industrial Applicability 

[0228] The present invention is applicable as packet transmitter 
apparatuses such as a digital tuner, a DVD recorder and the like, In 
5 particular, the present invention is applicable as a packet 
transmitter apparatus which prevents copy-restricted contents of 
digital broadcasting or a DVD disc from being copied illegally and 
transmits it securely through an IP network, succeeding the copy 
control information which has been set by the copyright owner. For 
10 example, it is also applicable as a packet transmitter apparatus 
which transmits premium contents such as a movie from a digital 
tuner or a DVD recorder in a living room on the first floor of a general 
home to a display in a bedroom on the second floor. 
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